C.  2 


NETWORK  DESIGN 


Best  Practices 
For  Alberta  School  Jurisdictions 

February,  1999 


/dibsrra 


'iHm  _   

EDUCATION 


NETWORK  DESIGN 


Best  Practices 
For  Alberta  School  Jurisdictions 

February,  1999 


Ahem 


EDUCATION 


ALBERTA  EDUCATION  CATALOGUING  IN  PUBLICATION  DATA 


Alberta.  Alberta  Education. 

Network  design  :  best  practices  for  Alberta  jurisdictions. 

Available  in  electronic  format  on  the  World  Wide  Web: 
URL:  http://ednet.edc.qov.ab.ca/technoloqv/ 
ISBN  0-7785-0324-0 

Computer  networks  -  Alberta  -  Design.  2.  Schools  -  Computer 
networks  -  Alberta.  3.  Internetworking  (Telecommunication)  -  Alberta. 
I.  Title. 

TK51 05.5.A333  1 998  621 .381 


Additional  copies  are  available  through: 

Learning  Resources  Distributing  Centre 
12360-142  Street 

Edmonton,  Alberta,  Canada  T5L  4X9 
Telephone:  780-427-5775 
Facsimile:  780-422-9750 


For  more  information,  contact: 
Bonnie  Brooks 

School  Technology  Task  Group 

Alberta  Education 

11160  Jasper  Avenue 

Edmonton,  Alberta,  Canada  T5K  0L2 

Telephone:  780-427-9001 

Facsimile:  780-415-1091 

To  be  connected  toll  free  outside  Edmonton,  dial  310-0000. 


The  primary  intended  audience  for  this  framework  is: 


Administrators 

Counsellors 

General  Audience 

Information  Technologists 

Parents 

Students 

Teachers 

Copyright  ©  1999,  the  Crown  in  Right  of  Alberta,  as  represented  by  the  Minister  of  Education. 
Alberta  Education,  School  Technology  Task  Group,  11160  Jasper  Avenue,  Edmonton,  Alberta, 
Canada,  T5K  0L2. 

Permission  is  given  by  the  copyright  owner  to  reproduce  this  document,  or  any  part  thereof,  for 
educational  purposes  and  on  a  nonprofit  basis. 


PREFACE 


This  report  has  two  different  target  audiences:  school  principals  and  technology 
co-ordinators.  Since  these  two  audiences  often  have  very  different  levels  of  knowledge 
and  understanding,  this  report  will  be  too  technical  for  some  and  not  technical  enough 
for  others.  Nonetheless,  I  hope  all  readers  will  learn  from  it,  and  be  in  a  better  position 
to  make  informed  decisions  about  issues  that  have  an  impact  on  network  performance 
and  design. 

Tools  cited  in  this  report  are  those  available  in  the  author's  school  jurisdiction  and  those 
that  are  inexpensive  for  the  end  user.  The  scope  of  this  report  does  not  include  a  review 
of  software  products.  Therefore,  the  mention  of  any  particular  commercial  product 
in  this  report  is  not  intended  as  an  endorsement. 

-  Ralph  Schienbein 
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EXECUTIVE  SUMMARY 


PLANNING  CONSIDERATIONS 

What  does  a  jurisdiction  networl<  person,  in-sctiool  computer  person,  sctiool  principal  or 
Jurisdiction  decision  maf<er  need  to  l<now  about  networl<  design,  networf<  performance, 
and  end-to-end  performance  ? 


Take  a  "standards"  approach  to  computing. 

>  Adopt  tfie  computer  industry  standards  thiat  will  be  used  for  all  local  area  network 
(LAN)  and  wide  area  network  (WAN)  designs. 

•  Use  the  EIA  568A  standard. 

•  Use  TCP/IP  as  the  standard.  Begin  to  migrate  away  from  other  schemes. 

•  Establish  1 0/1 00  Mbps  as  standard  for  all  wiring,  network  devices,  and  NICs. 
Test  all  cables  to  100  MBps. 

•  Establish  "switched  to  the  desktop"  as  the  standard  for  all  sites. 

•  Build  a  physically  secure  wiring  closet  with  room  to  expand  and  sufficient  cooling 
to  remove  heat. 

•  Make  use  of  "intelligent"  network  devices  (SNMP  and/or  RMON)  that  can  be 
remotely  monitored. 


Be  prepared  for  rapid  change. 

>   Recognize  that  multimedia  will  become  increasingly  important  and  pervasive  in 
education. 

•  When  computers  are  being  purchased,  require  benchmaric  results. 

•  Contain  complexity  by  reducing  the  number  of  types  of  computers  and  versions 
of  software  at  a  site.  Change  whole  schools  or  departments  at  the  same  time. 

•  Plan  for  large  increases  in  internal  and  external  network  traffic.  Not  only  will 
e-mail  increase  in  size  and  amount,  but  audio  and  video  will  also  become  more 
pervasive. 

•  Buy  technology  that  will  preserve  long-term  flexibility. 

•  Plan  for  your  WAN  connections  to  change  in  capacity  and/or  number  of  access 
points.  Do  not  expect  that  slower  speeds  can  be  maintained  for  years  to  come. 

•  Monitor  Internet  traffic. 
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Build  the  internal  infrastructure  with  the  "enterprise"  in  mind. 


>  Develop  a  network  that  is  both  functional  and  scalable.  "Functional"  refers  to 
acceptable  latency  for  the  task  and  "scalable"  refers  to  the  ease  of  increasing 
bandwidth  on  the  WAN  as  well  as  reconnecting  within  the  LAN. 

•  Act  locally  but  think  jurisdiction  or  enterprise-wide.  Decisions  about  networks, 
computers,  and  software  should  not  reside  exclusively  at  the  school  level. 

•  Understand  that,  in  a  jurisdiction  environment,  all  school  Internet  traffic  and 
external  e-mail  has  an  impact  on  all  other  users  in  the  jurisdiction. 

•  Become  "student-centric"  and  "network-centric"  at  the  same  time.  Doing  so  will 
ensure  that  you  begin  to  examine  home-to-school  network  traffic,  school-to- 
school  traffic,  home  to  other  levels  of  educational  institutions'  traffic,  and  so  on. 

•  Record  all  IP  addresses  and  MAC  (Ethernet)  addresses  at  the  time  a  computer  is 
received. 

•  Maintain  a  wiring  diagram  for  your  facility  so  others  can  determine  where  the 
cables  run. 

•  Physically  separate  administrative  and  student  traffic.  Make  use  of  filters  and 
other  network  techniques  to  provide  security. 

•  Do  not  re-invent  the  wheel.  Consult  with  other  users  around  the  province  about 
the  kinds  of  software  being  used  before  establishing  a  direction.  Join  and 
participate  in  Alberta  Education's  listserver  <edc-techplanqroup@qov.ab.ca>. 


Adopt  an  end-to-end  point  of  view. 

>  Examine  the  network  from  the  users'  point  of  view.  Performance  is  an  end-to-end 
decision  made  up  of  the  local  computers,  local  area  network,  and  wide  area  network 
connection. 

•  Determine  the  computers  and  appropriate  subsystems  required  (disk,  graphics, 
memory,  network  cards)  for  the  tasks  to  be  carried  out. 

•  Choose  network  devices  that  ensure  security  of  data. 

•  Choose  servers  for  bandwidth  conservation  (cache  servers),  file  servers,  mail 
servers,  domain  servers,  etc.  that  are  appropriate  for  the  architecture  of  the 
school. 
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Make  use  of  available  tools  to  monitor  the  network. 

>   Use  various  emerging  tools  to  assist  in  monitoring  botti  tiie  LAN  and  WAN.  At  tliis 
time  tliere  is  no  single  tool  available  to  analyze  all  aspects  of  the  problem. 

•  Determine  what  network  management  software  is  required  for  tine  jurisdiction; 
e.g.,  HP  OpenView. 

•  Select  performance  monitoring  tools;  e.g.,  Performance  Monitor,  NetMedic. 

•  Require  vendors  to  submit  benchmark  results  for  computers  being  purchased. 


Recognize  that  the  network  will  become  more  essential  and  complex. 

>   Try  walking  into  a  staff  room  after  tfie  mail  server  has  gone  down  and  lost  mail,  or 
after  someone  has  entered  payroll  data  over  a  WAN  link  that  is  too  slow.  How 
quickly  and  silently  services  move  from  being  "interesting  and  nice"  to  being 
essential. 

•  Plan  to  hire  the  specialists  in  technology  that  will  be  required  to  manage  the 
many  new  services  available  to  schools — domain  controllers,  file  servers,  cache 
servers,  firewalls,  filtering  software,  software  distribution  schema,  e-mail,  etc. 

•  Plan  to  acquire  more  robust  hardware  and  software  as  internal  and  external 
services  begin  to  move  from  "nice  to  have"  to  mission  critical."  Redundancy  and 
fault  tolerant  services  will  devolve  to  the  site  level. 

•  Do  not  leave  out  backups  of  key  files  "because  we  can  not  afford  it."  Consider 
what  it  means  to  a  school/department  to  lose  their  data  via  hardware  failure, 
vandalism,  fire,  etc. 


Practice  "safe  software." 

>   Help  educators  (who  tend  to  be  a  very  trusting  group  and  therefore  often  share 
software,  hardware,  and  passwords)  to  understand  how  such  an  environment  is 
susceptible  to  illegal  copies,  viruses,  and  misuse. 

•  Use  filtering  software  to  control  web  content  access. 

•  Use  a  firewall  software  package  to  protect  the  site  or  jurisdiction  from  the  outside. 

•  Ensure  that  all  staff  use  proper  password  techniques. 

•  Remind  educators  who  tend  to  be  "loose"  that  illegal  software  use  is  a  crime. 

•  Begin  the  move  to  "zero  administration"  of  software.  By  examining  the  long-term 
costs  for  software,  including  installation  of  updates,  one  can  better  justify 
allocation  of  costs  for  other  things  beyond  initial  costs. 
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Actively  address  funding  issues. 

>   Consider  establishing  explicit  funding  for  jurisdiction  LAN/WAN  support. 

If  the  author  could  make  only  one  recommendation,  it  would  be  for  a  change  in 
funding  to  support  jurisdiction-wide  networks.  It  is  impossible  to  continue  to  build 
networks  in  school  jurisdictions  as  "add-on  work"  and  "add-on  expenses"  without 
designated  funds  to  support  this  reality.  Trained  network  professionals  are  very 
expensive  and  difficult  to  obtain,  and  the  problem  gets  more  difficult  as  the  distance 
increases  from  major  urban  areas. 

Site-based  decision  making  has  many  merits.  However,  building  a  jurisdiction-wide 
network  while  funding  goes  to  schools  and  implementing  a  cap  on  central  costs 
encourages  a  "Balkanization"  of  networks,  equipment,  and  standards.  Educators 
need  to  be  free  to  integrate  technology  into  the  curriculum,  not  kept  busy  trying  to 
keep  various  generations  of  hardware  and  software  operational.  Often  site-based 
decisions  will  be  made  for  the  benefit  of  a  school  and  not  necessarily  with  other 
schools  in  mind. 

Smaller  schools  have  difficulty  implementing  servers  and  WAN  connections  capable 
of  giving  equitable  access  since  their  student-based  revenues  are  insufficient.  They 
can  not  generate  the  funds  required  to  properly  acquire,  implement,  and  maintain  the 
infrastructure. 

Also,  rural  schools  often  can  not  obtain  sufficient  bandwidth  for  the  size  of  the 
school,  and  the  costs  for  services  vary  greatly  across  the  province.  There  is  no 
equity  on  a  per  student  basis  across  all  schools  in  the  province. 

•  Schools  require  resources  to  support  increasingly  complex  and  "mission-critical" 
systems. 

•  Supporting  an  end-to-end  network  is  initially  capital  intensive  and  operating 
intensive. 

•  The  current  funding  framework,  which  limits  the  expenses  in  central  services, 
limits  a  jurisdiction's  ability  to  provide  central  network  and  computer  support. 

•  Network  staff  are  expensive  to  acquire  and  difficult  to  retain.  Funding  for  this  is 
required.  In  addition  to  new  money,  changes  should  be  made  to  the  amounts  of 
funds  that  can  be  spent  in  central  services — the  logical  place  for  school  network 
support. 

•  Think  "equity"  for  student  access  across  the  jurisdiction.  Equity  means  equal 
opportunity  for  a  student  regardless  of  school  size  or  location.  It  will  be  much 
more  expensive  for  smaller  and/or  rural  schools  to  provide  WAN  bandwidth  than 
it  will  be  for  schools  accessing  urban  networks. 

•  Schools  and  jurisdictions  should  continue  to  co-operate  with  other  jurisdictions 
around  the  province  to  obtain  better  software  prices. 


4      NETWORK  DESIGN 


EXECUTIVE  SUMMARY 


POLICY  ISSUES  FOR  SCHOOLS  AND  SCHOOL  JURISDICTIONS 


>  When  staff  and  students  use  software  that  is  not  essential  to  their  programs  and/or 
do  an  inordinate  amount  of  downloading  during  peak  hours,  they  overload  the 
networks  and  create  problems  for  other  users.  Decisions  about  using  one  source  in 
a  computer  lab  or  having  each  student  connected  individually  have  an  impact  as 
well.  For  example,  using  the  Internet  as  a  "noon-hour  supervisor"  can  create  an 
overload. 

>  School  jurisdictions  continue  to  struggle  with  the  challenge  of  providing  equitable 
access  to  technology.  (There  are  variations  among  large,  small,  rural,  and  urban 
schools.)  • 

>  School  jurisdictions  can  avoid  re-inventing  the  wheel  and  save  money  by  sharing 
information  and  resources  with  each  other  and  consulting  with  Alberta  Education. 
For  example,  there  may  be  opportunities  for  joint  purchasing. 

>  Security  is  a  major  concern:  the  educator's  tendency  to  have  a  "trusting"  attitude  can 
be  a  major  problem  in  this  context. 

>  Limiting  the  Internet  sites  that  students  are  allowed  to  visit  presents  a  challenge  as 
well.  Schools  have  to  avoid  censoring  students'  pursuit  of  information  but  at  the 
same  time  act  in  loco  parentis. 

>  Technology  continues  to  change  rapidly.  Also,  the  cost  of  owning  technology 
(networks,  hardware,  software,  etc.)  extends  beyond  the  initial  purchase:  support 
and  maintenance  are  a  part  of  the  cost  as  well.  Therefore,  school  jurisdictions  will 
benefit  greatly  from  long-term  planning. 


NETWORK  DESIGN 


EXECUTIVE  SUMMARY  5 


6      NETWORK  DESIGN 


INTRODUCTION 


PERFORMANCE  IS  AN  END-TO-END  ISSUE 

"My  computer  is  slow"  and  "The  network  is  slow"  are  typical  statements  users  make  to 
computer  and  network  support  staff.  What  they  mean  is  they  are  trying  to  do  something 
and  it  is  either  taking  a  long  time  to  do  it  (for  any  variety  of  reasons)  or  it  is  abnormal. 

The  rapid  evolution  of  the  Internet  has  made  computing  network  centric  instead  of 
computer  centric.  Historically,  people  have  concentrated  almost  exclusively  on 
computer  clock  speed  as  the  measure  for  performance.  It  has  been  said,  "When  a 
personal  computer  is  put  on  a  network,  the  personal  is  removed." 

All  parts  of  a  network  have  an  impact  on  someone  at  a  computer  working  in  a  network 
environment.  An  end-to-end  enterprise  view  of  performance  and  capacity  is  required. 
This  includes  the  computer  itself  (CPU,  memory,  disk,  network  interface,  graphics,  etc.), 
the  local  area  network  (LAN),  components  within  the  LAN  such  as  servers,  the  wide  area 
network  (WAN),  etc.  Each  of  these  can  be  characterized  and/or  measured  with  a  variety 
of  tools  and  metrics. 

This  report  will: 

•  Describe  a  model  that  can  be  used  to  project  WAN  connection  speeds  based  on 
user  traffic. 

•  Describe  end-to-end  performance  issues. 

•  Characterize  and  identify  tools  for  on-line  analysis. 

•  Describe  how  network  traffic  has  an  impact  on  network  design  as  well  as 
computer  architectures. 

•  Provide  basic  metrics  where  available. 

•  Identify  industry  trends. 


PURPOSE  AND  OBJECTIVES 

Network  design  is  viewed  as  layers — cabling,  network,  computers,  and  a  WAN  (Figure 
1 ).  Each  school/department  site  can  be  viewed  as  having  these  different  layers.  While 
this  paper  does  not  go  into  answering  the  question,  "How  do  you  wire  a  school?"  it  will 
examine  subsections  of  the  topology  that  have  to  do  with  end-to-end  performance  and 
capacity  planning.  (See  Calgary  Public  Schools  web  site  <http://www.cbe.ab.ca>  for 
more  details  on  wiring).  This  paper  assumes  active  star  topology.  Category  5  wiring, 
Ethernet  (running  10  Mbps  but  tested  to  100  Mbps),  and  intelligent  devices. 
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FIGURE  1 :  LAYERED  VIEW  OF  NETWORK  DESIGN 


One  of  the  general  design  principles  for  scliools  is  "scalable  and  flexible."  Adding  a 
computer  lab  with  thirty  computers  has  a  significant  impact  on  the  traffic  flow  in  a  school 
network.  Scalable  means  that  the  network  can  be  easily  modified  to  meet  changes 
(increases  or  decreases)  in  network  traffic.  The  addition  of  electronic  media  such  as  an 
encyclopedia  in  the  library  also  introduces  significant  traffic  to  a  specific  area  of  the 
school,  as  would  a  Career  and  Technology  Studies  (CTS)  lab.  The  use  of  audio  such  as 
RealAudio  creates  a  significant  increase  in  traffic,  as  does  two-way  video  via 
technologies  such  as  CUSeeMe.  The  "killer  application,"  from  a  capacity  planning  point 
of  view,  is  the  delivery  of  video  in  real  time. 


A  school  topology  must  be  flexible  enough  to  be  reconfigured  as  the  types  of  network 
traffic  change.  It  also  must  withstand  designing  around  specific  staff  who  may  move  to 
other  parts  of  the  building  or  to  another  location  and  are  replaced  by  staff  who  produce 
significantly  different  LAN/WAN  traffic  patterns. 

The  overall  network  traffic  in  schools  is  dynamic  at  any  given  moment.  Traffic  will 
change  from  year  to  year  as  well  as  during  various  times  of  the  year.  Newer  multimedia 
technologies  will  use  more  bandwidth.  The  normal  practice  of  secure  wiring  closets  in 
each  location  is  a  given.  Within  this  closet  it  is  relatively  easy  to  change  a  server  from 
10  Mbps  to  100  Mbps  and  1000  Mbps  when  required  (Figure  2). 


FIGURE  2:  RELATIVE  "PIPESIZES":  10, 100, 1000  Mbps 
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Design  the  network  with  10/100  Mbps  to  the  desktop,  10/100  Mbps  for  segments 
running  servers,  and  1000  Mbps  for  large  schools  for  a  backbone  segment(s).  If  the 
topology  is  planned  this  way,  downstream  costs  can  be  reduced  or  minimized. 


END-TO-END  PERFORMANCE 

Assume  a  user  who  is  browsing  a  site  on  the  web  notices  that  it  takes  a  long  time  for  the 
desired  page  to  come  up  on  the  screen.  Often  the  user  attributes  this  lack  of 
performance  to  either  the  computer  (or  more  likely)  the  Internet  service  provider  (ISP). 
The  route  to  the  desired  server  is  illustrated  in  a  highly  stylized  form  in  Figure  3. 


In  a  typical  session  on  the  Internet,  the  server-client  path  may  be  quite  complex  and  vary 
from  one  web  site  to  another.  This  complexity  is  not  noticed  by  the  user,  who  usually 
observes  only  changes  in  performance.  The  end-to-end  connection  is  illustrated  in  a 
different  form  in  Figure  4.  While  there  may  be  relatively  fast  (Ethernet  or  10  Mbps) 
connections  from  the  user  computer,  there  may  be  any  other  number  of  network 
segment  speeds  between  the  user  and  the  server.  In  this  case  the  slowest  segment  is 
56  Kbps- 
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FIGURE  4:  END-TO-END  BLOCK  BROWSER  DIAGRAM 


Initial  analysis  of  the  network  may  indicate  that  the  slowest  link  (56  Kbps)  is  the  source 
of  the  slow  performance.  In  reality,  it  could  be  an  overcommitted  fast  link  like  the  T1 ,  a 
busy  web  server,  or  momentary  high  use  on  the  local  hub  the  user  is  attached  to. 

Keys  to  understanding  network  performance  include  taking  both  an  end-to-end  view  and 
a  ivser  point  of  view.  For  the  purposes  of  this  study,  the  destination  site  is  Alberta 
Education's  web  site  <http://ednet.edc.qov.ab.ca>  which  is  accessible  from  all  schools  in 
the  province. 

The  connection  between  Elk  Island  Public  Schools  (EIPS)  and  Alberta  Education,  a 
distance  of  approximately  twenty-five  kilometres,  is  accomplished  through  nineteen 
segments  ("hops"):  Sherwood  Park,  Toronto,  Calgary,  Edmonton,  and  then  the  server 
(Figure  5).  The  number  of  hops  may  vary  with  each  trace.  Each  hop  exhibits  different 
latency  (delay  measured  in  milliseconds)  to  the  browser  session.  Notice  that  three  hops 
have  relatively  large  delays — hop  13  (Toronto  to  Calgary)  at  781  milliseconds,  hop  1 1  at 
581  milliseconds,  and  hop  18  at  581  milliseconds.  In  this  example,  any  slowness 
perceived  by  the  user  is  not  within  the  district  but  rather  at  the  ISP  and  within  the  target 
network.  This  does  not  give  information  about  which  devices  are  giving  the  latency  or  if 
the  specific  times  were  a  result  of  momentary  congestion. 
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FIGURE  5:  TRACE  ROUTE  FROM  USER  TO  ALBERTA  EDUCATION 
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Tool  

Trace  route  (tracert)  is  a  DOS  command  available  under  NT.  There  are  UNIX 
equivalents. 


WAN  CONNECTION 

Since  WAN  connections  are  a  purchased  service,  it  is  important  to  buy  enough 
bandwidth  to  meet  the  needs  of  the  school/jurisdiction.  This  leads  to  the  questions, 
"How  much  bandwidth  is  enough?"  and  "How  can  bandwidth  be  determined?"  Three 
models  were  developed  to  answer  these  questions. 

Again,  there  are  design  issues  to  keep  in  mind.  If  the  school  is  large  and  bandwidth  may 
grow  over  the  next  few  years,  it  would  be  unwise  to  size  WAN  routers  and  WAN  capital 
purchases  that  do  not  allow  for  bandwidth  upgrade.  For  example,  a  user  may  change 
from  a  56  Kbps  to  ISDN  to  fractional  T1  to  Ethernet  in  a  relatively  short  number  of  years 
(particularly  in  urban  areas).  This  is  a  flexibility  issue  as  well  as  one  of  planning  for 
change. 


Tip   :  

Assume  the  WAN  connection  will  have  a  shorter  replacement  time  than  other  layers  of 
the  network. 


BANDWIDTH  MODEL 

Almost  every  school  in  Alberta  is  connected  to  the  Internet  by  one  of  these  means: 


• 

analog 

to  56  Kbps 

• 

centrex 

56  Kbps 

• 

ISDN 

128  Kbps 

• 

fractional  T1 

256  or  51 2 

• 

T1 

1 .54  Mbps 

• 

Ethernet 

1 0  Mbps 

Some  Alberta  schools  have  used  satellite  (400  Kbps  downlink  with  land  uplink),  cable 
modems  (to  20  Mbps  downlink  and  around  768  Kbps  uplink),  wireless  (2-3  Mbps), 
HDSL/xDSL  (early  1998),  and  AGNpac  (Government  of  Alberta— Public  Works,  Supply 
and  Services). 
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Key  Concepts 


1  byte  (B)  =  8  bits  (b).  128  Kbps  is  128,000  bits  per  second. 
1  MB  =  1  megabyte.  1  Mb  =  1  megabit. 

 '  

The  WAN  connection  size  can  have  a  dramatic  impact  on  user  response  times.  Table  1 
illustrates  various  common  WAN  connection  capabilities  and  the  length  of  time  required 
to  download  a  file.  This  model  was  developed  in  Microsoft  Excel  and  can  be  utilized  to 
estimate  bandwidth  requirements.  This  model,  used  in  conjunction  with  traffic  analysis, 
can  be  used  to  estimate  WAN  capacity. 


Bandwidth 

64  byte 

pps 

1518  +  64 

Max 

100  KB 

Type 

Kbps 

pps 

at  80% 

pps 

Bytes  per 
second 

Kbps 

#  sec 

Centrex 

56 

109 

88 

3.5 

7000 

7.0 

14.286 

ISDN 

128 

250 

200 

8.1 

16,000 

16.0 

6.250 

256 

256 

500 

400 

16.2 

32,000 

32.0 

3.125 

512 

512 

1000 

800 

32.4 

64,000 

64.0 

1.563 

T1 

1540 

3008 

2406 

97.3 

192,500 

192.5 

0.519 

Ethernet 

10,000 

19,531 

15,625 

632.1 

1,250,000 

1250.0 

0.080 

TABLE  1:  WAN  CONNECTION  SPEEDS 


Types  of  WAN  connections  appear  in  Column  1 ,  and  their  bandwidth  capacity  (in  Kbps) 
is  in  Column  2.  If  all  network  traffic  over  the  WAN  connection  occurred  in  64-byte 
packets  (which  it  does  not),  the  packet  rates  for  these  connections  would  be  as  shown  in 
Column  3.  ISPs  and  telcos  sometimes  refer  to  their  services  in  either  Kbps  or  pps.  It  is 
usually  the  network  running  with  64-byte  packets.  Column  4  gives  capacity  at  80  per 
cent.  Chronic  utilization  levels  above  80  per  cent  usually  indicate  that  capacity  should 
be  re-evaluated.  Column  5,  "1518  +  64,"  gives  the  scenario  if  all  packets  downloaded 
were  the  maximum  size  of  1518  bytes  with  a  64-byte  packet  acknowledgement.  There 
would  be  3.5  pps  over  a  centrex  in  this  scenario  and  97.3  pps  over  a  T1 . 

Packets  are  largely  meaningless  when  analyzing  performance.  Bytes  per  second '\s  a 
better  metric  of  bandwidth  capacity.  The  maximum  number  of  bytes  of  data  that  can 
pass  through  a  centrex  line  per  second  is  7000.  The  maximum  number  of  bytes  per 
second  over  a  256-Kbps  link  is  32,000. 

It  will  be  demonstrated  later  that  school  traffic  typically  is  between  9:00  a.m.  and  3:30 
p.m.,  or  6.5  hours.  The  overall  capacity  of  a  256-Kbps  connection  for  6.5  hours  would 
be  748.8  MB  (6.5  hours  X  3600  seconds  /  hour  X  32,000  bytes  per  second).  The  24- 
hour  maximum  capacity  would  be  2748  MB.  The  "off-hours"  capacity,  the  difference 
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between  the  theoretical  maximum  daily  rate  and  the  "prime  daytime  rate,"  would  be 
1999.2  MB.  This  is  the  maximum  amount  of  traffic  that  could  be  used  to  download 
curriculum  materials,  "whack"  web  pages,  update  CTS  modules,  update  video  content, 
and  do  all  the  other  things  that  could  be  done  in  off-hours. 

Knowing  WAN  link  byte  capacities  permits  the  estimation  of  the  amount  of  time  to 
download  files  of  various  sizes.  To  download  a  file  of  100  KB  would  require  14.286 
seconds  via  a  56-Kbps  line  and  0.51 9  seconds  via  a  T1 .  Note  that  this  is  simplified  in 
that  the  model  examines  total  traffic  and  not  just  a  one-way  transmission  of  a  single 
100-KB  file. 

Few  schools  have  only  one  user.  The  bandwidth  model  may  be  extended  to  examine 
any  different  number  of  users  (Table  2).  If  a  lab  of  thirty  computers  are  all  downloading 
a  1 00-KB  file,  it  will  take  428.6  seconds  on  a  centrex  line  and  1 5.6  seconds  on  a  T1 . 
With  428  seconds  (more  than  seven  minutes)  required  to  download  a  single  page,  the 
class  will  not  have  time  to  do  any  useful  work.  A  centrex  line  would  be  too  slow  for  their 
needs. 


100  KB 

Users 

Users 

Users 

Users 

Users 

Users 

#  sec 

10 

20 

30 

40 

50 

60 

Centrex 

14.286 

142.9 

285.7 

428.6 

571.4 

714.3 

857.1 

ISDN 

6.250 

62.5 

125.0 

187.5 

250.0 

312.5 

375.0 

256 

3.125 

31.3 

62.5 

93.8 

125.0 

156.3 

187.5 

512 

1.563 

15.6 

31.3 

46.9 

62.5 

78.1 

93.8 

T1 

0.519 

5.2 

10.4 

15.6 

20.8 

26.0 

31.2 

Ethernet 

0.080 

0.8 

1.6 

2.4 

3.2 

4.0 

4.8 

TABLE  2:  DOWNLOAD  TIMES  FOR  VARIOUS  NUMBERS  OF  USERS 


The  model  (tables  1  and  2)  will  permit  the  estimation  of  times  via  various  WAN 
connections  to  a  variable  number  of  end  users.  This  model  requires  knowledge  of  how 
much  data  is  to  be  downloaded.  To  illustrate  how  this  table  can  be  used  in  practical 
terms,  examine  the  Alberta  Education  web  site  home  page  (Figure  6) 
<http://ednet.edc.qov.ab.ca>. 
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ALBERTA 


The  Alberta  Education  website  (Ednet)  is  a 
comprehensive  i nternet  guide  for  K- 12  education  in  the 
province  of  Alberta,  Insid^e  you  will  find  the  latest 
information  on  education-enabling  technology, 
curnculurn  documents,  policy  and  legislation 
documents,  news  releases,  past  diploma 
examinations,  demographic  statistics  of  jurisdictions, 
schools  on  the  web,  and  much  more.  Ednet  also 
contains  links  to  other  education  stakeholder  websites 
m  the  province  of  Alberta  and  around  the  world,  and 
features  a  comprehensive  search  engine  for  finding 
documents  onsite. 
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'you  are  looking  for  information  about  Alberta's  post-secondary  institutions  and  other  learning  opportunities  in 
Alberta,  check  out  the  .Alberta  Learning  Informaliiin  Service  fALIS) 
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FIGURE  6:  ALBERTA  EDUCATION  WEB  SITE  HOME  PAGE 


At  the  top  of  this  home  page  is  the  picture  of  a  child  (Figure  7).  This  picture  is  a  "gif  file," 
22,798  bytes  in  size.  Using  the  model  developed  in  Table  1  and  replacing  the  100-KB 
file  size  with  23  KB,  a  single  user  would  take  approximately  3.3  seconds  to  download  the 
image  through  a  centrex  line.  It  would  take  approximately  0.1  seconds  to  download  the 
same  file  through  a  T1  (1 .54  Mbps).  It  would  take  98.6  seconds  to  download  this  single 
picture  to  thirty  computers  over  centrex  and  1 0.8  seconds  over  a  T1 . 


ALBERTA:  s 

ED U CAT.!  OX 


FIGURE  7:  ALBERTA  EDUCATION  HEADER 


The  model  works  for  projecting  bandwidth  if  the  file  size  is  known.  This  leads  to  the 
question,  "How  do  you  know  how  many  bytes  are  downloaded?"  Various  tools  can  be 
used  to  quantify  this  question. 
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Metric  Suggestion 


A  five-second  response  time  can  be  considered  the  upper  limit  for  a  terminal  user. 

A  twenty-second  response  time  can  be  considered  an  upper  limit  for  a  browser  on  an 
"average"  page. 
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TOOLS 

Given  that  a  school  or  jurisdiction  has  a  working  bandwidth  model,  the  next  problem  is  to 
determine  how  much  traffic  will  go  to  the  WAN  connection  and  therefore  what  WAN 
capacities  are  required.  As  indicated  below,  a  number  of  tools  with  a  wide  range  of 
costs  can  assist  users  in  network  analysis.  At  this  time,  no  one  tool  can  do  all  of  the 
analysis  that  a  user  may  wish  to  do.  Some  of  these  tools  include: 

•  Performance  Monitor.  An  inexpensive  way  to  determine  total  bytes  (if  an  NT 
workstation  or  NT  server  is  available)  is  to  use  Performance  Monitor  built  into  NT. 
The  network  interface  card  (NIC)  can  be  monitored  for  total  traffic,  disk  utilization, 
and  CPU  utilization. 

•  RM0N2  Probes  (hardware  and  software).  RMON  is  Remote  MONitoring  and  is 
an  industry  standard.  Elk  Island  Public  Schools  used  probes  from  Technically 
Elite  <http://www.tecelite.com>.  RMON  probes  are  useful  in  determining  long- 
term  traffic  patterns  as  well  as  which  computers  are  connecting  with  which  other 
computers  (Appendix  F). 

•  Network  monitoring  software.  HP  OpenView  provides  real-time  monitoring. 
Within  these  tools  are  traffic  patterns  (see  Appendix  D). 

•  Query  Router.  An  inexpensive  way  of  determining  total  bytes  is  to  query  the 
WAN  router  and  examine  byte  counts.  This  is  usually  performed  with  vendor- 
specific  software  or  some  common  tools  such  as  telnet. 

•  Low  cost  software.  NetMedic  <http://www.vitalsiqns.com>  provides  a  series  of 
tools  to  monitor  ISP  and  server  performance  (see  Appendix  C). 

•  Telco  utilization  reports.  Utilization  of  WAN  connections  can  be  obtained  by 
the  telephone  provider  (e.g.,  TELUS).  See  sample  of  traffic  analysis  in  Appendix 
E. 

•  Firewall  traffic  utilization  (Appendix  G).  If  the  school/district  is  using  a  firewall 
package,  this  software  usually  gives  information  that  is  useful  for  analysis. 


Tip 

Network  monitoring  such  as  HP  OpenView  or  its  equivalent  encourages  proactive 
management  of  the  network.  Instead  of  staff  phoning  and  saying  "I  can  not  seem  to  run 
student  records"  or  "I'm  having  a  problem  with  the  network,"  alarm  conditions  can  be  set 
in  the  software  to  immediately  notify  users  that  a  key  device  is  not  available.  Network 
monitoring  also  helps  to  build  a  profile  of  problem  devices  and  connections. 
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PACKET  SIZE 


Before  examining  output  analysis  from  various  tools,  it  is  necessary  to  differentiate 
between  traffic  in  bytes  and  packets.  The  maximum  number  of  bytes  (eight  bits)  per 
second  for  various  WAN  connections  was  given  in  Table  1 .  A  256-Kbps  line  has  a 
maximum  capacity  of  32,000  bytes  per  second.  Vendors  and  ISPs  often  talk  in  terms  of 
pacl<ets  per  second  A  brief  introduction  to  packets  is  required  to  understand  what  this 
means. 

Two  assumptions  used  for  this  paper  are  Ethernet  (within  the  building — ANSI  802.3)  and 
the  TCP/IP  protocol  (within  the  building  and  to  the  Internet).  Data  is  moved  from  one 
computer  to  another  in  bundles  called  packets.  The  smallest  Ethernet  packet  size 
allowed  is  64  bytes  and  the  largest  allowed  is  1518  bytes  with  various  sizes  between 
these  two  extremes.  All  data  transmitted  through  an  Ethernet  are  in  packets. 


Notes 


•  Only  one  packet  can  be  on  an  Ethernet  segment  at  a  time. 

•  It  takes  1 .23  milliseconds  to  send  a  1 51 8-byte  packet  followed  by  a  9.6-microsecond 
pause  (send-silence-send-silence-send  etc.). 

•  When  two  adapters  transmit  at  the  same  time,  there  is  a  collision.  Both  of  them  will 
"back  away"  and  send  later.  Ethernet  is  a  collision  detect  network.  (Actually,  it  is 
"CSMA/CD,"  which  is  carrier  sense  multiple  access  with  collision  detection.) 


This  report  will  not  go  into  the  actual  network  conversations  that  take  place  when  an 
Internet  browser  goes  to  a  site  like  the  Alberta  Education  web  site  home  page.  An 
analogy  of  the  network  conversation  is  as  follows: 

My  browser:  "Go  to  http://ednet.edc.qov.ab.ca" 
Name  Resolution 

My  computer:  "What  is  the  address  for  the  site?" 

Domain  Name  Server:  "Its  address  is  1 42.229. 1 8. 1 99." 

My  computer:  "Go  to  142.229.18.199." 

Local  Router:  "Where  is  142.229.18.199?" 

Various  number  of  segments  (hops)  to  arrive  at  ednet  server 
Elk  Island  Public  Schools  to  Alberta  Education  is  19  hops  with  the  current 
ISP  provider 

The  ednet  server  synchronizes  with  my  browser  at  this  point. 

Ednet  server:  "Here  is  the  homepage." 

Server:  1^^  packet 


My  Computer:  "Got  it" 

Server:  2""^  packet 

My  computer:  "Got  it." 

This  is  repeated  until  the  data  has  been  transmitted.  Each  segment  or  hop  is 
conducting  the  same  process  so  there  are  many  conversations  going  on. 

Server:  "Done." 
Total  pacf<ets  =  234.  Size  =  99, 128  bytes. 
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The  Alberta  Education  web  site  home  page  is  61  KB.  A  total  (send/receive)  of  91 ,128 
bytes  of  traffic  are  involved  in  downloading  the  home  page  (Figure  6).  This  was  done  in 
a  total  of  234  packets.  The  data  path  went  through  nineteen  segments  or  hops  (Figure 
5).  A  parenthetic  comment  is  in  order  here.  Before  optimizing  the  home  page,  217,560 
bytes  of  traffic  were  required  to  download  the  home  page.  This  was  done  in  a  total 
(send/receive)  of  417  packets.  As  more  people  develop  web  pages  for  central 
administration  and  schools,  it  is  important  to  remember  that  there  are  many  ways  to 
reduce  the  amount  of  traffic  required  to  access  server  pages.  Any  savings  in  size  is 
repeated  each  time  the  page  is  accessed. 

Servers  will  attempt  to  send  the  data  in  as  large  a  packet  as  possible  (usually  1518 
bytes),  and  the  response  will  be  an  acknowledgement  (64  bytes).  These  packets  are 
Ethernet  packets  and  may  be  disassembled  and  re-assembled  by  the  various  devices  on 
each  hop  or  segment  of  the  end-to-end  pathway. 

The  actual  network \ra^Y\c  travelling  over  the  network  is  greater  than  just  the  number  of 
bytes  of  the  host  page.  This  reality  has  to  be  taken  into  account  when  performance  is 
being  examined.  Each  hop  also  can  be  a  potential  performance  bottleneck! 

What  do  typical  Internet  (TCP/IP)  packets  look  like?.  All  data  sent  to  and  from  a 
computer  on  an  Ethernet  segment  follow  highly  structured  standards  (ANSI/IEEE  802.3) 
agreed  to  on  a  global  basis.  Both  the  IP  address  (derived  from  a  domain  name  server 
and  the  PC)  and  the  Ethernet  address  (a  unique  address  built  into  each  Ethernet 
adapter)  are  used  to  communicate. 

The  data  is  encapsulated  within  the  packet  and  may  be  either  a  small  or  large  portion  of 
the  packet.  The  smallest  packet  size  is  64  bytes  and  the  largest  is  1518  bytes.  Key 
pieces  of  an  Ethernet  packet  are  illustrated  in  Table  3.  A  detailed  version  of  Table  3  in 
included  in  Appendix  H,  Figure  38. 


Packet  #1 

Packet  Length:  146 

Timestamp:  14:12:29.820935  02/04/1998 
Ethernet  Header 

Destination:  00:e0:b0:63:b3:eb 

Source:  00:60:08:a3:1 1  :bd 

Source  IP  Address:  142.60.255.43 

Dest.  IP  Address:  142.229.18.199 

Data 

TABLES:  ETHERNET  PACKET 


The  length  of  the  packet  is  146  bytes,  and  the  timestamp  was  14:12:29  on  February  4, 
1998.  Next  are  two  physical  addresses — the  destination  and  the  source.  Physical 
addresses  are  unique  to  each  Ethernet  device.  Every  NIC,  hub  port,  router  port,  etc.  has 
a  unique  hardware  address  that  is  akin  to  a  DNA  sample  or  a  retinal  scan.  It  is  an 
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address  in  hex,  where  the  first  three  pairs  of  numbers  indicate  the  manufacturer  of  the 
Ethernet  device.  The  source  address  above  has  a  manufacturer  00:60:08,  which  is 
3COM.  The  next  three  pairs  of  numbers  are  unique  for  that  manufacturer:  in  this  case, 
63:b3:eb,  which  is  a  hex  representation  of  a  binary  number  (6  =  1010,  3  =  0011, 
b  =  1 01 1 ,  3  =  001 1 ,  e  =  1 1 1 0,  b  =  1 01 1 ).  Usually  the  hardware  address  and  source 
addresses  are  the  same. 


Tips 

•  You  can  find  your  Ethernet  address  under  NT  by  looking  in  the  control  panel  in 
Networks  under  the  adapter  tab. 

•  Every  school,  jurisdiction,  and  department  should  record  the  TCP/IP  address  as 
well  as  the  Ethernet  address  whenever  a  new  computer  is  acquired  or  a  new 
Ethernet  connection  is  made  to  the  network.  These  addresses  are  essential  for 
network  monitoring  and  troubleshooting. 

•  When  a  browser  is  in  use,  a  time-out  often  occurs  when  a  site  is  accessed  that  is  not 
visited  often  (not  in  any  cache  table,  etc.).  The  result  is  an  error  message  that  "A 
site  was  not  found  or  did  not  have  a  DNS  entry."  Resending  the  request  usually 
allows  a  user  to  reach  the  destination. 

The  source  and  destination  IP  addresses  are  next.  These  numbers  are  assigned  by 
someone  within  the  school  or  jurisdiction.  In  this  case  the  source  address  is 
142.60.255.43  and  the  destination  address  is  142.229.18.199.  Understanding  the  IP 
address  is  essential  when  working  with  security  within  a  school.  For  example: 

•  It  is  desirable  for  remote  users  who  dial  in  to  have  an  easily  identifiable  address 
range.  This  makes  it  easier  to  track  after-hours  use,  which  is  a  very  common 
opening  for  unauthorized  access. 

•  If  administration  and  staff  are  on  a  different  "subnet"  or  address  range,  it  is 
possible  to  control  the  flow  of  traffic  within  a  school.  This  could  permit  a  teacher 
to  access  a  server  on  the  "instructional  side"  of  the  school  network  but  prevent 
student  access  to  the  administrative  side  of  the  network. 

•  IP  addresses  can  be  one  of  two  types— static  or  dynamic.  Static  addresses  are 
assigned  to  a  particular  computer  and  do  not  change.  Dynamic  addresses  are 
assigned  as  needed  and  can  change  from  one  time  to  another.  It  is  useful  to 
assign  a  dynamic  IP  address  for  as  long  a  period  of  time  as  possible  for  network 
troubleshooting  or  else  have  a  log  of  which  physical  address  an  IP  address  was 
assigned  to  and  for  what  period  of  time. 

Security  should  always  be  a  concern  for  every  school.  The  packet  analyzed  was 
acquired  by  a  class  of  software  referred  to  as  packet  capture  software.  Packet  capture 
software  is  designed  to  capture  information  on  the  network  for  analysis  and  trouble- 
shooting. It  can  be  used  to  identify  devices  causing  such  problems  as  broadcasting  too 
often  on  the  network.  It  can  be  used  to  analyze  what  software  is  doing  on  the  network. 
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In  this  report  it  was  used  to  analyze  traffic  between  a  browser  and  an  Internet  host.  It  is 
a  very  powerful  tool. 

Being  powerful,  packet  capture  software  also  can  be  misused.  It  could  be  used  by 
students  to  monitor  a  final  exam  being  sent  to  a  printer,  to  capture  passwords  going 
through  the  network  in  "clear  text,"  and  so  on.  It  could  also  be  used  to  monitor  e-mail. 
Since  this  software  captures  packets  in  a  passive  fashion,  it  is  impossible  to  detect  from 
the  network.  This  leads  to  the  need  to  restrict  the  use  of  such  software  within 
jurisdictions  to  the  individuals  who  are  required  to  use  it  and  to  delineate  the 
circumstances  requiring  its  use. 

When  wiring  a  school  or  jurisdiction  office,  be  careful  to  physically  separate  cable  so  that 
it  is  difficult  to  access  the  physical  network  connection  of  secure  users  (usually 
administration).  These  should  be  separated  on  different  hubs  or  with  switches  that  do 
not  share  traffic  from  users  who  may  attempt  to  capture  data.  Students  and  staff  can 
easily  download  trial  versions  of  packet  capture  software  (if  the  network  allows  this  type 
of  traffic)  and  the  problem  could  be  spread  throughout  a  jurisdiction  in  a  very  short 
period  of  time. 


Tip 

Make  a  policy  restricting  the  use  of  packet  capture  software. 

'wr.  ' — — — : —  :  


EIPS  WAN  ANALYSIS— PACKET  SIZE 

EIPS  currently  has  a  256-Kbps  connection  to  its  ISP.  This  Internet  connection  was 
monitored  over  a  period  of  time.  Using  the  model  provided  by  Table  1 ,  we  know  the 
maximum  capacity  of  this  link  is  32,000  bytes  per  second.  This  traffic  analysis  was 
derived  from  the  use  of  Size  Trend  (Figure  8),  one  of  the  elements  of  an  RMON  probe 
which  permits  longer-term  analysis  of  traffic  patterns. 
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FIGURE  8:  RMON  PACKET  SIZE  TREND  (15-SECOND  SAMPLE,  MARCH  6,  1998) 


Size  trend  provides  three  pieces  of  information:  packet  size  distribution  in  bar  form  for 
the  sample  (here  fifteen  seconds),  a  pie  chart  distribution  of  cumulative  size  distribution 
(here  120  days),  and  a  table  showing  changes  in  sample  distribution  and  cumulative 
packet  counts.  This  cumulative  count  can  be  used  to  generalize  traffic  needs  for  the 
WAN.  Note  that  while  the  count  in  Figure  8  was  taken  much  later  (March  6,  1 998)  than 
the  data  for  the  model  in  Table  4  (January  6,  1998),  the  percentage  distribution  is  very 
similar.  This  means  that  the  packet  size  distribution  over  this  two-month  period  has 
been  quite  stable. 

Notice  in  the  RMON  packet  size  trend  (Figure  8  table  at  bottom)  that  the  probe 
categorized  the  packet  sizes  into  packet  size  groups  and  gave  actual  packet  counts 
observed  within  each  grouping.  These  groupings  (64,  65-127,  etc.)  are  standard  RMON 
groupings.  A  packet  that  is  124  bytes  long  would  be  counted  in  the  65-127  grouping. 
Using  this  raw  data  from  the  observed  counts  in  the  probe  would  be  very  misleading. 

Each  data  packet  received  on  a  network  has  to  have  a  packet  sent  back  to  the  sending 
computer  acknowledging  that  it  was  received  (an  acknowledgement  or  ACK  packet). 
The  "observed"  packet  counts  from  the  RMON  probe  are  therefore  corrected  (Table  4)  to 
determine  the  real  distribution  of  packets.  The  observed  packets  by  group  (Columns  1- 
3)  are  obtained  from  the  probe  results.  In  this  case  there  were  32,138,748  packets 
(Column  2)  or  58  per  cent  (Column  3)  packets  of  size  64  bytes,  3,710,830  (seven  per 
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cent)  of  size  64-127  bytes,  etc.  for  a  total  number  of  packets  of  55,328,321 .  Since  every 
packet  lias  an  acknowledgement  packet,  one-half  of  the  packets  (27,664,161)  must  be 
these  ACK  packets  and  the  other  half  data  packets.  Removing  the  ACK  packets  from 
the  observed  64-byte  packets  yields  the  number  of  data  packets  of  length  64  - 
4,474,588  (32,138,748  -  27,664,161).  The  true  distribution  of  packets  (Columns  4-7) 
illustrate  the  true  distribution  of  packet  by  groups  (Column  7  bold).  To  summarize,  the 
RMON  probe  gives  true  counts  but  these  counts  must  be  understood  to  examine  true 
data  distribution. 


Column  1 

Column  2 

Col.  3 

Column  4 

Column  5 

Column  6 

Col.  7 

Column  8 

Column  9 

256  Kbps 

Observed 

Total 

MAX  32  000 

Packet  Size 

n 

% 

Data 

Ack 

packets 

% 

Bps 

MAX  pps 

61 -day  sample  to 
January  6,  1 998 

64 

32,138,748 

58% 

4,474,588 

4,474,588 

8,949,175 

16% 

5176 

40 

65-127 

3,710,830 

7% 

3,710,830 

3,710,830 

7,421,660 

13% 

4292 

22 

128-255 

2,192,315 

4% 

2,192,315 

2,192,315 

4,384,630 

8% 

2536 

8 

256-51 1 

3,145,617 

6% 

3,145,617 

3,145,617 

6,291,234 

11% 

3639 

6 

512-1023 

7,422,880 

13% 

7,422,880 

7,422,880 

14,845,760 

27% 

8586 

8 

1024-1518 

6,717,931 

12% 

6,717,931 

6,717,931 

13,435,862 

24% 

7771 

5 

55,328,321 

27,664,161 

27,664,161 

55,328,321 

32,000 

90 

Total  Bytes 

22,502,503,034 

Max  @64  +  64 

250 

Max  (2)1518  +  64 

20.2 

TABLE  4:  INTERNET  PACKET  ANALYSIS 


Given  this  distribution  (Column  7),  it  is  possible  to  predict  the  number  of  bytes  generated 
by  each  of  these  groups  as  well  as  the  number  of  packets  per  second.  For  traffic  of  the 
EIPS  profile  the  typical  number  of  packets  per  second  observed  was  90  pps.  From  the 
bandwidth  of  32,000  bytes  per  second,  it  is  possible  to  estimate  the  maximum  number  of 
pps  for  the  connection.  If  all  packets  were  64  bytes  (+  64  bytes  ACK),  the  maximum 
number  of  packets  would  be  250  pps.  If  all  packets  were  1518  bytes  (+  64  bytes  ACK), 
the  maximum  would  be  20  pps. 

It  should  be  noted  that  packet  traffic  is  dynamic  and  changes  over  time.  The  RMON 
probe  illustrates  this  (Figure  9)  showing  the  changing  packet  distribution  over  time. 
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FIGURE  9:  INTERNET  PACKET  SIZES 


Tip 

•  The  maximum  bandwidth  for  any  WAN  connection  (e.g.,  256  Kbps  =  32,000  bytes 
per  second)  will  not  change. 

•  Capacity  quoted  by  ISPs  in  packets  per  second  (pps)  is  not  a  meaningful  metric  for 
WAN  connection  speeds. 


_  Findings 


•  Packets  sent  and  received  on  a  WAN  tend  to  be  symmetric,  having  similar  counts. 
Total  traffic  sent  and  received  measured  in  bytes  is  highly  asymmetric,  with  many 
more  bytes  received  than  sent.  While  the  ratio  of  received  to  sent  will  vary,  it  is  in 
the  order  of  between  8:1  and  10:1. 

•  Traffic  measured  in  bytes  from  a  user  to  a  server  will  be  less  than  from  that  server. 

•  Since  most  of  the  WAN  traffic  is  K-1 2  student  traffic,  the  packet  size  distribution 
(Column  7)  may  be  generalized  to  other  school  jurisdictions. 

•  The  packet  size  trend  for  Internet  traffic  (Figure  9)  is  very  different  from  the  trend 
over  a  typical  Ethernet  segment.  You  can  not  use  the  analysis  of  an  Ethernet  to 
project  WAN  traffic. 

•  Internet  traffic  has  high  use  of  larger  packets  due  to  the  number  and  sizes  of  graphic 
elements. 
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EIPS  WAN  ANALYSIS— PERFORMANCE  MONITOR 


The  use  of  an  RMON  probe  was  described  and  a  model  was  developed  to  show  packet 
size  distribution.  There  are  other  ways  of  monitoring  a  network  that  involve  less 
expensive  tools.  One  of  these  tools  is  the  Performance  Monitor  that  comes  as  part  of 
NT.  Performance  Monitor  can  be  used  to  monitor  various  components  within  a 
computer  and  is  useful  in  determining  I/O  bottlenecks,  CPU  performance  problems,  and 
so  on.  Usually  this  is  done  on  key  devices  like  cache  servers,  file  servers,  etc. 
If  the  school  is  using  an  NT-based  computer  for  a  proxy  server  or  the  district  is  using  NT 
for  its  firewall  software,  it  is  possible  to  use  Performance  Monitor  to  monitor  the  network 
interface  card  (NIC)  and  hence  the  bandwidth  utilization.  The  EIPS  firewall  was 
analyzed  in  such  a  way  (Figure  10). 
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FIGURE  10:  PERFORMANCE  MONITOR  OF  256  Kbps  FROM  ETHERNET 


Performance  Monitor  can  monitor  approximately  thirty  objects,  two  of  which  are  the 
network  interface  and  processor.  It  gives  four  views — chart  (used  in  Figure  10),  alert, 
log,  and  report.  Each  object  type  contains  counters  or  specific  items  that  can  be 
measured.  In  Figure  10,  five  counters  were  monitored — four  on  the  NIC  and  the  CPU. 
Which  counters  are  to  be  monitored,  as  well  as  the  colour  and  scale  of  the  counters,  is 
up  to  the  user. 
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In  this  case  the  highlighted  counter  (Bytes  Total/sec)  is  on  the  chart  at  1/1000  (0.001) 
and  is  displayed  in  a  heavy  line.  Count  values  for  the  selected  counter  appear  below  the 
chart.  During  the  100-second  period  of  the  chart,  average  traffic  received  was  6162  Bps 
with  a  maximum  peak  of  23,538  Bps  and  889  Bps  in  the  last  second.  Use  of  the  chart 
gives  a  real-time  look  at  a  particular  counter. 

Monitoring  the  total  bytes  per  second  counter  of  the  NIC  connected  to  the  WAN  is  an 
excellent  method  for  determining  when  saturation  is  being  reached.  Alarms  can  be  set 
for  80  per  cent  and  90  per  cent  utilization  for  monitoring  peak  utilization  patterns.  The 
data  can  also  be  logged  over  a  longer  period  of  time  for  more  detailed  analysis. 


Tip         _  _ 

Increased  bandwidth  capacity  is  required  when  WAN  traffic  exceeds  80  per  cent  for 
sustained  periods  of  time.  This  assumes  that  various  bandwidth  conservation 
techniques  have  been  used. 


The  WAN  is  a  shared  resource.  In  EIPS,  many  schools  are  all  sharing  the  available 
256-Kbps  (32,000  Bps)  Internet  connection.  Every  computer  user  on  the  WAN  has  an 
impact  on  every  other  one.  For  this  reason  some  jurisdictions  choose  to  restrict  what 
students  can  do.  For  example,  they  may  choose  not  to  allow  files  to  be  downloaded. 
Ignoring  the  security  rationale  for  this,  there  is  a  good  bandwidth  reason  why  this  may  be 
a  valid  restriction. 

FTP  is  a  common  protocol  used  to  download  files.  A  test  was  done  on  FTP  on  a  quiet 
network  (little  or  no  WAN  activity).  The  test  involved  downloading  a  version  of  proxy 
server,  a  task  not  uncommon  for  systems  support  personnel.  Three  views  of  this 
download  were  used  (Figure  11).  The  location  window  (top  right  view)  indicates  a  file 
size  of  12,71 1  KB  and  gives  the  usual  estimate  of  time  remaining  and  amount 
completed. 
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FIGURE  11:  FTP  ON  WAN  AND  LOCAL  NIC 


Performance  Monitor  (large  background  view)  was  used  to  siiow  what  was  happening  at 
both  the  firewall  and  the  local  computer  NIC.  The  average  traffic  received  on  the  local 
computer yNas  20,971  Bps  with  very  little  traffic  sent  (small  peak  at  bottom  of  chart  just 
below  large  peak).  The  average  fofa/ traffic  on  the  firewall  ^as  21 ,948  Bps.  In  other 
words,  the  FTP  session  took  nearly  22,000  Bps  of  the  32,000  Bps  maximum  available. 
The  likely  reason  that  the  FTP  session  did  not  take  all  of  the  bandwidth  was  due  to 
latencies  between  the  firewall  and  the  destination  host. 

One  user  will  take  as  much  bandwidth  as  is  available.  This  is  true  of  all  browsers  and 
other  users  on  the  WAN.  The  difference  between  a  browser  user  and  an  FTP  user  is  a 
matter  of  scale.  An  FTP  user  typically  utilizes  high  bandwidth  for  longer  periods  of  time 
than  a  browser  user. 

WAN  TRAFFIC— CONTENT 

It  is  possible  to  analyze  all  traffic  on  the  WAN.  One  of  the  useful  features  possible  in  a 
firewall  package  is  the  capture  of  accounting  information.  This  information  can  be 
downloaded  to  other  tools  such  as  databases  or  spreadsheets  for  further  analysis.  The 
total  traffic  from  selected  dates  was  analyzed  within  EIPS.  One  date— January  15, 
-I998_was  analyzed  in  detail  for  this  study  (this  arbitrary  date  may  or  may  not  be 
representative). 
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Jan  15  1998  Internet  Traffic 


FIGURE  12:  WAN  TRAFFIC  BY  SITE 


Total  traffic  for  January  1 5  was  approximately  541  MB.  Of  this  traffic: 

•  a  large  senior  high  school  (grades  1 0-1 2)  accounted  for  24.2  per  cent 

•  a  large  junior  high  school  (grades  7-9),  1 4.2  per  cent 

•  another  senior  high  school,  1 3.5  per  cent 

•  a  more  distant  high  school  (grades  7-1 2),  1 1  per  cent. 

Of  interest  here  is  not  the  total  traffic  but  rather  how  the  schools  are  connected.  All  of 
the  senior  high  schools  were  properly  wired  during  the  summer  of  1997,  so  their 
infrastructure  was  in  place.  The  junior  high  school  cited  is  largely  wired,  but  not  to  the 
same  extent  as  the  high  schools.  Most  of  the  other  schools  were  not  wired.  In  addition, 
most  of  the  high  traffic  schools  have  good  WAN  speeds  within  the  jurisdiction.  The  24.2 
per  cent  school  is  connected  via  fibre,  the  14.2  per  cent  school  by  cable  modem,  the 
13.5  per  cent  school  by  2-Mbps  wireless.  The  distant  high  school  is  currently  connected 
by  56  Kbps  but  is  in  the  process  of  converting  to  AGNpac. 

Having  the  proper  wiring  infrastructure  is  essential  to  the  use  of  the  Internet.  Equitable 
bandwidth  from  the  school  is  essential. 

All  of  the  January  15,  1998  traffic  was  sorted  in  descending  order  of  size  (number  of 
bytes).  Sixty-one  sessions  (Appendix  G)  were  greater  than  500,000  bytes.  The  total 
traffic  of  these  sixty-one  sessions  was  1 1 5,359,471  bytes  (21 .4  per  cent  of  total)  in 
1 91 ,007  packets.  This  traffic  occurred  in  seven  services  (Table  5).  FTP  accounted  for 
1 0.5  per  cent  of  the  traffic  for  sessions  of  500,000  bytes  or  more,  or  2.3  per  cent  of  total 
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traffic.  (There  could  be  more  FTP  traffic  in  other  sessions  for  traffic  less  than  0.5  MB.) 
RealAudio  accounted  for  approximately  half  of  this  amount  at  5.8  per  cent. 


Sum  of  Bytes 

Service 

Bytes 

Top 

Total 

5000 

1 ,362,983 

1 .2% 

0.3% 

666 

19,255,018 

16.7% 

3.6% 

6667 

679,919 

0.6% 

0.1% 

FTP 

12,144,936 

10.5% 

2.3% 

HTTP 

72,510,046 

62.8% 

13.5% 

pop-3 

2,745,975 

2.4% 

0.5% 

RealAudio 

6,680,594 

5.8% 

1 .2% 

Grand  Total 

115,379,471 

21.4% 

TABLE  5:  SUMMARY  OF  TRAFFIC  BY  SERVICE 


Of  the  files  over  0.5  MB  that  were  downloaded,  movies  (".mov")  made  up  38.7  per  cent 
of  the  traffic.  Programs  (".exe"  and  ".hqx")  account  for  6  per  cent  and  0.8  per  cent  of 
traffic.  Examination  of  the  destination  files  (see  Appendix  J,  Figure  42)  reveals  that  most 
of  the  movie  files  and  sound  files  are  entertainment-related.  While  it  is  understandable 
that  students  will  want  to  go  to  these  types  of  sites,  it  is  difficult  to  justify  from  the 
perspective  of  total  available  bandwidth.  While  a  particular  school  or  teacher  might  not 
mind  students  going  to  these  sites,  bandwidth  is  limited  and  every  connected  user  has 
an  impact  on  every  other  user.  A  5.8-MB  movie  file  of  Scream2  has  an  impact  on  every 
class  trying  to  do  curriculum-related  work. 


Sum  of  Bytes 

Type 

Bytes 

Top 

Total 

42,869,425 

37.2% 

8.0% 

.au 

8,143,345 

7.1% 

1.5% 

•qt 

577,645 

0.5% 

0.1% 

AVI 

1,974,036 

1 .7% 

0.4% 

exe 

6,891,476 

6.0% 

1 .3% 

gif 

1,184,388 

1 .0% 

0.2% 

hqx 

922,878 

0.8% 

0.2% 

jpg 

524,459 

0.5% 

0.1% 

mov 

44,709,045 

38.7% 

8.3% 

wav 

6,857,769 

5.9% 

1 .3% 

zip 

725,005 

0.6% 

0.1% 

Grand  Total 

115,379,471 

21.4% 

TABLE  6:  SUMMARY  OF  TRAFFIC  BY  FILE  TYPE 


The  variety  of  possible  solutions  to  issues  raised  here  are  beyond  the  scope  of  this 
report. 
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WAN  EQUITY 


Not  all  schools  in  the  province  or  even  within  a  jurisdiction  have  the  same  WAN  options 
as  others.  Urban  schools  and  large  schools  usually  have  more  options  that  rural  schools 
and  small  schools.  It  is  possible  to  begin  to  quantify  bandwidth  requirements  by  school 
(Table  7).  One  common  assumption  is  that  the  bandwidth  requirements  of  students  at 
different  levels  is  different.  For  example,  if  it  is  assumed  that  a  grades  7-12  school 
requires  a  bandwidth  of  of  56  Kbps  per  student,  a  school  with  987  students  would 
require  55,210  Kbps  or  55.2  Mbps.  Clearly,  this  model  is  too  simplistic. 


Grade  Level 

#  Students 

Kbps  per 
student 

Total  Kbps 

ECS 

0 

1-3 

0 

4-6 

0 

7-9 

476 

56 

26,656 

10-12 

510 

56 

28,560 

Total 

987 

55,210 

TABLE  7:  SCHOOL  BANDWIDTH  PROJECTION 


A  model  must  be  flexible  enough  to  allow  for  altering  bandwidth  requirements.  Some  of 
the  variables  are: 

•  the  number  of  stand-alone  computers  attached  to  the  school  LAN. 

LAN-connected,  stand-alone  computers  are  those  computers  in  various  rooms 
and  locations  ttiat  are  capable  of  using  the  WAN.  It  is  assumed  that  not  all  of 
these  would  be  on  the  WAN  at  the  same  time  (perhaps  20  per  cent  would  be). 

•  the  number  of  labs  by  type  (15,  20,  25,  30,  etc.  computers)  and,  for  each  lab, 
whether  or  not  the  class  will  work  on  group  or  individual  projects. 

During  study  periods,  some  computers  would  be  doing  word  processing,  some 
using  the  WAN,  and  so  on. 

•  the  number  of  computers  in  a  library-type  setting. 

•  the  number  of  computers  used  by  staff. 

•  the  number  of  GTS  or  other  high-bandwidth-use  computers  (video,  real-time 
audio,  distance  education,  etc.). 

A  school's  bandwidth  can  be  estimated  (Table  8).  This  school  has  a  population  of  1068 
and,  in  time,  every  student  could  have  a  computer.  Since  the  maximum  number  of 
computers  would  be  1068,  the  network  infrastructure  has  to  be  built  accordingly.  A  ratio 
of  15:1  for  the  number  of  students  per  computer  provides  an  estimate  of  eighty-three 
computers,  while  a  5:1  ratio  yields  214  computers.  It  then  requires  the  bandwidth  to  be 
estimated.  All  assumptions  about  bandwidth  appear  in  italics. 
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School  Population 

1068 

Number  of  computers  @  15:1 

83 

Number  of  computers  @  5:1 

214 

Maximum  #  student  computers 

1068 

Student  Stand-alone  Computers 

Bandwidth — stand-alone  Kbps  per  student 

56 

%  stand-alone  on  WAN 

20% 

Stand-alone  bandwidth  @  5:1  (Kbps) 

2397 

Labs 

Two  labs  of  30 

60 

Bandwidth — lab  Kbps  per  student 

56 

Lab  %  of  computers  on  WAN  concurrently 

100% 

%  lab  bandwidth  by  cache  server 

20% 

Lab  bandwidth  (Kbps) 

2352 

Staff 

Number  of  staff 

90 

Number  of  staff  computers 

30 

%  of  staff  on  WAN 

50% 

Bandwidth — Kbps  per  staff 

56 

%  bandwidth  saved  by  cache 

35% 

Staff  bandwidth  (Kbps) 

294 

Net  School  Bandwidth  Requirement  (Kbps) 

5043 

TABLE  8:  SCHOOL  BANDWIDTH  ESTIMATION 


This  model  separates  assumptions  from  easily  derived  metrics  in  order  to  examine  their 
impact.  If  the  established  standard  for  the  school  is  56  Kbps  per  student  and  20  per  cent 
of  the  214  stand-alone  student  computers  are  on  the  WAN  concurrently,  the  bandwidth 
required  for  this  portion  of  the  school  is  2397  Kbps  (2.397  Mbps). 

These  are  not  the  only  computers  in  a  school.  Assume  that  there  are  two  labs  with  thirly 
computers  each  (or  one  lab  of  thirty,  another  lab  of  fifteen,  and  fifteen  in  a  library — sixty 
computers  in  definable  groups).  Again,  assuming  56  Kbps  per  student  on  the  WAN  and 
1 00  per  cent  of  students  on  the  WAN  and  20  per  cent  of  their  traffic  successfully  cached 
in  a  cache  server,  the  bandwidth  impact  of  the  labs  would  be  2352  Kbps  (2.352  Mbps). 
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Staff  (both  teaching  and  support)  also  use  computers.  Assuming  thirty  staff  computers 
with  50  per  cent  on  the  WAN  concurrently  and  35  per  cent  of  their  traffic  cached  in  the 
cache  server,  the  bandwidth  requirements  would  be  294  Kbps  (0.294  Mbps).  The 
school  total  required  would  be  5043  Kbps  (5.043  Mbps). 

Few  schools  would  pay  for  5-Mbps  WAN  connections  at  current  prices.  The  utility  of  a 
model  is  that  various  "what-if"  scenarios  may  be  run  in  order  to  examine  and  refine 
assumptions. 

•  Reducing  the  bandwidth  standard  to  28  Kbps  (50  per  cent  reduction)  or  some 
other  rate  would  decrease  the  requirements  by  50  per  cent  (approximately  2.5 
Mbps). 

•  Improving  the  cache  server  hit  rates  by  tuning,  utilizing  larger  drives,  etc.  would 
further  reduce  bandwidth. 

•  Scheduling  classes  in  the  labs  so  that  only  one  of  them  is  on  the  WAN  at  any 
time  reduces  the  lab  impact  of  the  two  labs  by  50  per  cent. 

•  Eliminating  non-essential  traffic  would  decrease  requirements. 

•  Identifying  high-use  sites  and  mirroring  them  in  the  jurisdiction  or  school  would 
reduce  bandwidth  requirements. 

"What-if"  analysis  can  be  used  to  create  a  worst-case  scenario.  In  this  school,  the  worst 
case  would  be  to  have  every  staff  member  and  student  all  using  video  at  the  same  time. 
The  LAN  within  the  school  must  be  designed  to  be  worst-case  ready.  This  will  require 
secure  wiring  closets  with  10/100-Mbps  segments  that  are  1000  Mbps  ready.  The 
number  of  servers  will  continue  to  grow  as  the  amount  of  electronic  services  and  the 
complexity  of  the  environment  increase. 

Most  school  staff  have  "a  feel"  for  what  is  going  on  in  the  school  and  can  identify  WAN 
utilization  somewhat  intuitively.  Given  access  to  some  of  the  tools  identified  in  this 
report,  it  would  be  possible  to  monitor  the  total  bytes,  which  IP  addresses  are  generating 
traffic,  which  protocols  are  being  used,  and  so  on. 


Enterprise  Perspective 


WAN  bandwidth  is  dynamic  in  that  instantaneous  utilization  varies  from  moment  to 
moment.  It  also  is  a  limiting  resource;  everyone  has  an  impact  on  the  performance  of 
everyone  else.  In  jurisdictions  running  a  system  WAN,  every  user  in  a  school  has  an 
impact  on  every  other  user  in  the  other  schools.  In  site-based  decision  making,  this 
level  of  integration  is  unusual. 


Using  the  Internet  as  a  "noon-hour  supervisor"  in  one  school  impedes  another  school 
from  doing  curricular-related  work. 
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Equalizing  the  cost  per  Kbps  among  all  schools,  much  like  sparsity  and  distance. 

Measuring  WAN  capacity  in  Kbps  per  WAN  user  and  not  Kbps  per  school,  which 
ignores  the  numbers  of  students  and  computers  involved. 


SHARED  BANDWIDTH— THE  CASE  FOR  A  SWITCH 

Many  schools  install  "dumb  hubs"  in  the  network  layer  since  the  cost  per  port  is  lower 
than  other  alternatives.  For  example,  an  unmanaged  hub  sells  for  about  $680  while  the 
managed  version  sells  for  about  $11 00.  A  school/department  that  acquires  the 
unmanaged  hub  will  not  be  able  to  use  network  tools  such  as  OpenView  to  monitor  it. 


Cost  per  port  is  useful  for  planning  network  costs;  e.g.,  $75  per  port  or  $X  per  port. 


As  LAN  network  traffic  increases  (and  also  as  security  becomes  more  of  a  concern)  the 
use  of  hubs  should  be  re-examined.  Assume  that  a  24-port  hub  is  in  use.  When  a 
computer  attached  to  one  of  the  ports  downloads  a  large  file,  every  other  computer 
attached  to  that  hub  also  "sees"  that  traffic.  Each  computer's  network  card  is  busy  even 
though  the  individual  computer  is  not  downloading  any  data.  When  a  user  does  create 
network  traffic  by  browsing,  etc.,  that  network  traffic  competes  with  the  other  traffic  on 
the  hub. 


Metric 

Isil  

A  10-Mbps  Ethernet  segment  generally  becomes  "saturated"  above  30  per  cent  or 
3  Mbps. 
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Library  Server 


Library  Server 


Target 
User  /: 


All  get  traffic 


One  gets 
,  traffic 


100  Mbps 


FIGURE  13:  HUB  VERSUS  SWITCH 


The  use  of  a  switch  helps  control  where  network  traffic  is  transmitted.  A  proper  switch 
will  transmit  the  data  only  to  the  port  requiring  it,  thus  reducing  the  overall  traffic  to  other 
computers  on  the  segment  (Figure  13).  Note  that  even  for  small  schools  it  is  highly 
desirable  to  have  a  100-Mbps  segment  since  network  traffic  for  on-line  encyclopedias 
and  multimedia  will  require  this  bandwidth.  Large  schools  should  be  designed  to  move 
segments  to  1000  Mbps  when  the  need  arises. 


Switched  to  the  desktop.  Just  do  it. 
 — : — :  : 


CACHE  SERVER 

One  technique  for  removing  traffic  from  the  WAN  connection  is  the  use  of  a  cache 
server.  Cache  servers  are  usually  dedicated  computers  running  software  such  as 
Netscape's  Proxy  Server  or  Microsoft's  Proxy  Server.  Each  time  a  user  accesses  a  new 
page,  the  local  copy  of  the  browser  copies  the  files  to  its  hard  disk.  If  this  site  is 
accessed  again,  a  copy  of  the  file  is  read  from  the  local  cache  file  and  the  traffic  is  not 
downloaded  from  the  network  (Figure  14). 
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FIGURE  14:  CACHE  SERVER 


If  a  cache  server  is  installed  on  the  network,  each  web  page  is  copied  to  the  cache 
server's  hard  disk.  The  first  time  a  web  site  is  accessed,  the  data  is  sent  to  the 
requesting  computer  and  also  is  written  to  the  hard  disk  drive  on  the  cache  server. 
Subsequent  user  requests  to  that  web  site  will  likely  be  served  from  the  copy  on  the 
cache  server  and  not  from  the  host  web  site.  A  cache  server  has  the  potential  of  greatly 
reducing  the  overall  WAN  traffic. 

To  illustrate  the  potential  impact  of  a  cache  server,  assume  the  100-KB  file  referred  to  in 
the  model  (Table  1 )  in  a  lab  setting  of  thirty  computers.  The  first  user  to  access  the  web 
server  will  download  100  KB  (ignore  handshaking  and  other  real  network  issues).  This 
will  be  stored  on  both  the  user's  browser  cache  as  well  as  the  cache  server.  If  a  second 
user  in  this  lab  accesses  this  site,  the  data  will  be  downloaded  from  the  cache  server 
over  a  local  Ethernet  connection  and  not  from  the  web  server. 

If  each  of  the  thirty  computers  access  this  same  site  (as  would  be  the  case  in  a  teaching 
environment  where  a  specific  site  is  required),  the  total  WAN  traffic  would  be  thirty  times 
100  KB  (3000  KB)  without  a  cache  server  and  100  KB  with  a  cache  server.  This  would 
represent  a  best  case  scenario. 

If  each  user  were  doing  independent  work,  the  impact  of  the  cache  server  would  be 
reduced  since  these  users  tend  to  be  going  to  different  sites.  In  other  words,  the  thirty 
times  savings  in  WAN  traffic  would  tend  towards  one  time  or  no  net  WAN  bandwidth 
saving.  In  reality,  there  is  generally  a  20  to  30  per  cent  cache  hit  rate  in  schools  with  a 
mix  of  labs  and  computers  in  other  locations. 

Overall  network  traffic  may  not  seem  to  warrant  a  cache  server,  particularly  in  schools 
with  small  enrolments.  (The  cost  per  student  for  a  small  school  to  justify  a  cache  server 
with  UW  disk  drives  is  quite  high.)  However,  there  is  another  way  of  looking  at  cache 
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servers:  if  the  information  has  been  cached,  the  latency  for  the  student  is  much  lower 
than  waiting  for  it  over  a  much  slower  WAN  link. 


Tips  1_  

•  Cache  servers  are  disk  l/O-intensive.  Ultra-wide  SCSI  (UW)  disks  are  required  for 
adequate  performance.  (The  U2W  drives  that  are  beginning  to  be  available  should 
give  better  performance  than  UW.) 

•  Using  two  network  interface  cards  (NIC)  in  a  cache  server  helps  segment  the  traffic. 
One  NIC  can  connect  to  the  LAN  and  the  other  to  the  WAN.  This  reduces 
unnecessary  traffic  to  the  WAN  device  (router,  etc.). 

 ■—  77"   ^  — —  ^ 


Issue  

Equity  means  that  performance  should  be  available  equally  to  students  in  small  and 
large  schools.  To  provide  network  opportunities,  schools  may  require  cache  servers  and 
other  network  devices  "beyond  what  the  numbers  warrant." 


A  question  often  asked:  "Is  a  cache  server  worth  the  price?  After  all,  they're  expensive." 
There  is  no  simple  answer  to  this  subjective  question.  A  cache  server  could  make  the 
difference  between  a  slow  WAN  connection  being  useful  or  too  slow.  The  following 
snapshot  of  two  cache  servers  illustrates  actual  student  patterns.  Table  9  lists  the  top 
destinations  from  two  large  senior  high  schools. 
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TABLE  9:  CACHE  SITE  ANALYSIS 
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In  both  schools,  the  largest  single  destination  is  ".conn" — commercial  sites.  This  raises 
the  further  question  as  to  which  sites  these  are  (Table  10). 
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TABLE  10:  ".COM"  CACHE  ANALYSIS 


The  largest  single  site  in  the  ".com"  group  of  sites  is  <www.qeocities.com>.  Like  other 
large  sites,  this  site  has  various  categories.  It  would  appear  (from  the  network  traffic 
point  of  view)  that  this  site  is  being  chosen  over  others  for  chat,  e-mail,  and  free  web 
pages. 

If  a  jurisdiction  has  all  of  its  schools  connect  to  a  jurisdiction-wide  WAN  connection,  it  is 
possible  to  have  a  jurisdiction  or  "head-end"  cache  server.  This  server  will  be  queried 
for  web  pages  before  the  network  request  goes  out  onto  the  Internet.  The  architecture 
of  having  a  school  cache  server  and  a  jurisdiction  cache  server  is  referred  to  as 
"cascading  cache  servers." 


Tip 

If  WAN  bandwidth  is  an  issue,  schools  may  wish  to  review  what  sites  and  types  of 
activities  are  of  educational  merit. 
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MULTIPLE  WAN  CONNECTIONS 


Most  schools  in  the  province  are  connected  to  the  Internet  via  a  single  network  access 
point.  In  August  1997,  cable  companies  donated  a  cable  modem  to  schools  where  the 
service  was  available.  This  event,  which  resulted  in  the  potential  for  schools  to  have 
more  than  one  WAN  connection,  raises  some  architecture  design  issues.  If  the  school  is 
part  of  a  jurisdiction  WAN  with  firewall  and  filtering  at  a  central  site,  access  to  the 
Internet  at  the  school  level  creates  a  security  access  point  to  the  jurisdiction  at  many 
locations.  This  results  in  requirements  for  filtering,  firewall,  etc.  at  each  site  in  addition  to 
the  central  site. 

Traditionally  the  solution  would  be  to  add  a  router  at  the  site.  A  router  is  very  good  at 
keeping  unwanted  traffic  out  of  the  school,  but  it  does  little  to  filter  for  content  or  other 
types  of  tasks.  With  the  prices  of  PCs  falling  rapidly,  it  is  possible  to  use  a  proxy  server- 
firewall-filter  computer  with  two  network  interface  cards  (Figure  15). 

Network  H/or/cy  magazine  reviewed  a  router  (Cisco  2514)  versus  a  PC  (200  MHz 
Pentium  with  MS  RRAS  routing,  3Com  10/100  NIC)  (January  12,  1998: 
<http://www/nwfusion.com>)  and  found  that  a  Pentium  200  with  10/100  adapters  could 
handle  approximately  twenty-five  users  per  segment  and  up  to  100  users  overall  before 
encouraging  significant  performance  issues.  Hardware-based  routers  like  the  2514  were 
more  appropriate  for  50-75  users  per  segment  or  heavy  load  users. 

PC  and  router  costs  are  similar,  depending  on  what  is  purchased  for  the  PC.  The  PC 
gives  better  flexibility,  in  that  more  software  such  as  filtering  can  be  run  and  the 
computer  can  be  moved  to  other  locations  in  the  school  or  jurisdiction  when  more 
capacity  is  required.  A  router  performs  that  job  well  but  is  obsolete  when  it  no  longer 
meets  the  needs  of  the  school. 

A  more  thorough  test  of  this  architecture  is  being  conducted  at  a  school  in  the  Elk  Island 
Public  Schools  Regional  Division. 
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FIGURE  15:  MULTIPLE  WAN  CONNECTIONS  FROM  A  SCHOOL 
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SUBNETS  AND  FILTERS 


Schools  represent  an  interesting  security  challenge.  In  many  schools,  students  know 
more  about  computers  and  networks  than  the  teachers  and  staff.  Students  in  senior 
grades  also  have  access  to  packet  analysis  software,  viruses,  and  all  of  the  things  that 
have  the  potential  to  make  a  school  network  vulnerable.  Various  mechanisms  have 
been  deployed  to  "lock  up"  the  desktops.  Recently  there  has  been  a  move  to  Windows 
NT  for  student  computers  because  of  its  ability  to  be  tightly  controlled. 

One  area  of  overall  security  that  often  is  overlooked  is  subnets  and  filters.  This  area 
must  be  addressed  very  early  in  the  design  since  any  changes  downstream  are  very 
time-consuming  to  implement.  A  number  of  early  decisions  can  assist  the  school 
design. 

What  is  the  address: 

•  range  of  administrative  computers 

•  range  of  instructional  computers 

•  the  mail  server 

•  the  school  server 

•  the  web  server 

•  the  primary  domain  controller  (for  NT  schools) 

•  the  remote  access  server  (for  dial  in) 

•  the  proxy/cache  server 

•  video  server 

•  library  electronic  resources  server 

•  etc. 

Before  long,  schools  find  they  have  a  multiplicity  of  electronic  services.  In  small  schools 
many  of  these  functions  can  occur  on  one  server  but  in  large  schools  they  will  quickly  be 
on  multiple  computers.  From  a  jurisdiction  perspective  there  needs  to  be  a  similarity  so 
that,  when  a  device  sets  off  an  alarm  in  OpenView  or  its  equivalent,  the  address  will 
easily  be  identified  (what  type  of  device  it  is).  These  types  of  network  services  should 
have  static  addresses. 

For  purposes  of  discussion,  assume  that  the  school  has  a  private  B  or  C  licence  on  their 
side  of  the  firewall  (x.x. 125.0  and  x.x. 126.0  where  125  is  administrative  and  126  is 
instructional).  The  school  wishes  to  have  a  mail  server  (x.x.126.z  where  126  is 
instructional  and  z  is  the  number  for  mail  servers)  that  can  be  accessed  by  both  students 
and  staff.  Placing  it  on  the  instructional  side  of  the  network  will  require  access  through  a 
network  device  that  lets  staff  through  to  the  mail  server  but  prevents  students  from  going 
through  the  device  to  the  administration  side  (Figure  16). 
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Interface 

Proto 

Port 

Address 

Mask 

Action 

Destination 

TCP 

25 

x.x. 125.0 

255.255.255.0 

Forward 

Source 

All 

X.X.126.Z 

255.255.255.255 

TABLE  11:  FILTER  ADDRESS  AND  MASK 


In  the  example  shown  in  Table  1 1 ,  the  router  would  be  given  IP  filter  rules  to  allow  TCP 
traffic  for  mail  (SMTP  is  port  25)  to  go  from  the  mail  server  (126.z)  through.  For  most 
readers,  how \h\s  works  is  not  important,  just  that  it  can  be  done.  This  issue  needs  to 
be  addressed  early  in  the  evolution  of  the  school  network. 

Figure  16  illustrates  how  a  filter  can  allow  administrative  and  instructional  traffic  to 
access  a  server  while  preventing  an  instructional  computer  from  accessing  the 
administrative  network.  The  router  permits  the  address  range  of  the  administrative 
subnet  to  go  to  the  segment  with  the  server.  The  same  router  drops  the  packets  from" 
the  instructional  computers  so  they  are  unable  to  get  to  the  administrative  segment.  In 
order  for  this  to  continue  to  work,  the  system  must  prevent  anyone  from  changing  IP 
addresses  on  the  instructional  side  to  administrative  ones. 


Target 


FIGURE  16:  FILTER  ON  ADDRESS/PROTOCOL 
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_  Tips 


Administrative  and  instructional  computers  sliould  liave  different  IP  addresses  that 
can  be  filtered  easily. 

Administrative  and  instructional  computers  should  be  attached  to  different  physical 
hubs  or  switches. 

External  access  (e.g.,  from  modems)  should  be  controlled  by  an  access  server  and 
should  be  easily  identified  by  their  IP  addresses. 

Filters  can  be  applied  to  IP  addresses  as  well  as  protocols. 

Filter  and  allow  only  student  IP  addresses  from  instructional  computers.  This  will 
prevent  students  from  spoofing  by  changing  their  IP  address  to  an  administrator's 
address. 

•    Where  possible,  there  should  be  "one  computer  for  one  service." 


CASE  ANALYSIS— LISTENING  TO  THE  RADIO 

Listening  to  a  radio  live  (Figure  17)  requires  between  8  Kbps  and  1 1  Kbps  of  bandwidth. 
It  also  requires  a  very  good  end-to-end  connection  since  each  network  delay  disrupts  the 
audio  noticeably.  Notice  this  capacity  may  be  determined  by  the  use  of  the  RealAudio 
window  "Playing  8.0  Kbps,"  the  NetMedic  window  (1 1  Kbps  instantaneous  in  Speed  Limit 
section  at  time  of  capture  but  averaging  8  Kbps),  or  1251  Bps  (1251  X  8  =  10,008  bits  or 
10  Kbps)  average  using  Performance  Monitor  on  the  NIC. 
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FIGURE  17:  LIVE  RADIO 

The  question  may  be  asked,  "So  what?  Who  cares  if  listening  to  audio  takes  eight 
Kbps?"  The  answer  relates  to  what  a  school  may  actually  do  in  the  future. 

For  example,  consider  a  high  school  social  studies  teacher  who  wants  to  listen  to  a 
report  on  a  key  world  event  that  is  being  broadcast  on  the  Internet.  If  the  teacher  uses  a 
single  computer  and  speakers,  the  bandwidth  to  the  school  would  be  eight  Kbps.  If  the 
teacher  uses  one  computer  per  student,  each  student's  bandwidth  requirements  are 
eight  Kbps  A  class  of  thirty  would  require  30  X  8  Kbps  or  240  Kbps.  Many  schools  do 
not  have  that  bandwidth  available.  Trying  to  do  this  over  a  centrex  line  would  result  in 
lost  data,  broken  speech,  and  an  unsatisfactory  instructional  experience. 
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Knowing  the  general  metric  for  RealAudio  permits  teachers  to  select  alternative 
instructional  strategies.  One  way  around  the  bandwidth  to  the  school  would  be  similar  to 
a  cache  server — creating  an  audio  server  (and  using  multicast).  This  would  involve  a 
computer  that  runs  audio  server  software.  The  sound  clip  is  downloaded  to  the  server  for 
subsequent  use  by  students.  Audio  servers  are  very  good  at  storing  sound  clips  that  are 
most  often  useful  to  auditory  learners.  Such  a  server  is  a  network  architecture  design 
issue. 


Useful  Sites 

RealAudio  <http:/7www.realaudio.com/> 
CU-SeeMe  <http://www.wpine.com/> 

 """^ 


PORNOGRAPHY,  HACKERS,  AND  OTHER  UNMENTIONABLES 

Although  most  people  recognize  that  many  sites  are  inappropriate  for  student  use,  few 
schools  and  jurisdictions  in  Alberta  are  using  filtering  software.  Some  using  the  software 
may  not  have  examined  whether  the  software  is  effective.  Many  jurisdictions  apparently 
do  not  want  to  be  cyber-police  and  rely  on  signed  "terms-of-use"  agreements.  This  is 
one  of  the  many  new  tasks  that  emerge  in  running  a  network,  and  often  there  is  not 
sufficient  staff  to  address  all  of  them.  Although  the  word  "censorship"  is  often  heard, 
materials  available  on  the  Internet  may  require  some  level  of  action  in  loco  parentis. 

Firewall-1  accounting  logs  indicate  that  students  in  unsupervised  labs  or  using 
computers  that  a  teacher/librarian  can  not  see  are  accessing  sites  that  many  parents 
would  not  consider  acceptable. 

The  major  use  of  a  firewall  product  such  as  Firewail-1  is  to  protect  the  internal  network 
from  outside  attack.  Many  users  throughout  the  world  find,  attack,  and  destroy  the  data, 
servers,  and  access  to  the  Internet  of  individuals  and  institutions.  Most  schools  operate 
in  a  trusting  environment  and  are  not  used  to  having  to  protect  themselves  from  such 
attack.  Firewall-1  is  a  good  product  for  providing  a  rules-based  interface  to  firewall 
management. 

Management  of  what  internal  users  are  permitted  to  do  in  such  an  environment  is 
illustrated  by  a  rule  (Figure  18). 
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FIGURE  18:  A  FIREWALL-1  RULE 


In  this  rule,  a  subset  of  users  (all  instructional  networks)  that  attempt  to  access  a 
restricted  site  (for  example,  those  defined  within  SurfWatch  or  WebSense)  will  have  their 
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packets  rejected.  In  addition  to  this,  the  management  software  monitoring  the  network 
(in  our  case,  the  OpenView  console)  will  be  notified  by  an  SNMP  alert  that  such  an 
access  has  been  attempted.  It  is  possible  to  see  network  rule  violations  in  real  time. 

To  assist  schools  in  reducing  these  situations,  a  screen  (Figure  19)  has  been  created 
that  contains  a  loud  siren  noise.  This  web  page  is  sent  whenever  the  filter  software 
encounters  a  site  on  the  list  of  inappropriate  sites.  While  it  sometimes  creates  false 
alarms,  such  a  technique  reduces  the  number  of  in-school  accesses.  Note,  however, 
that  talented  students  can  disable  the  sound  before  accessing  sites. 
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FIGURE  19:  AUDIBLE  ALERT 


Suggested  Strategy 


Implement  filtering  and  have  staff  check  logs. 


Useful  Sites 

WebSense  <http://www.websense.com/> 
Surfwatch  <http://www1  .surfwatch.com/home/> 
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DIAGRAMS  AND  DOCUMENTATION 


One  tool  for  recording  IP  addresses,  MAC  (Ethernet)  addresses,  and  wiring  diagrams  is 
a  visual  database  from  Aperture.  Starting  off  as  a  Macintosh  application,  it  has  moved  to 
the  Windows  NT  environment  and  also  is  integrated  into  OpenView. 

Appendices  H  and  I  (Figures  38-40)  include  diagrams  at  the  jurisdiction  level  down  to 
individual  computers  with  data  records  attached  to  them.  Examination  of  the  menu  bar 
will  illustrate  that  this  is  a  combination  drawing  suite  and  database  that  can  be  navigated 
much  like  web  pages  with  "hot  spots." 

There  are  powerful  and  useful  tools  available  to  assist  in  the  documentation  process.  All 
Elk  Island  Public  Schools  wiring  tenders  are  first  drawn  with  a  tool  and  are  given  to 
potential  contractors  for  a  price  quotation. 


Aperture  <http://www.aperture.com/> 


WAN  ANALYSIS  SUMMARY 

The  model  provided  in  this  report  illustrates  a  number  of  points.  Network  traffic  occurs 
over  Ethernet  and  Internet  traffic  utilizes  the  TCP/IP  protocol.  Different  WAN 
connections  have  different  capacities.  A  56-Kbps  connection  has  a  maximum  capacity 
of  7000  bytes  per  second  while  a  T1  has  a  maximum  capacity  of  192,500  Bps.  These 
are  theoretical  maximums;  approximately  80  per  cent  of  the  capacity  should  be  used  to 
determine  typical  traffic. 

There  are  different  packet  sizes  on  a  network,  and  it  takes  different  amounts  of  time  to 
download  files  of  various  sizes.  Many  users  have  an  impact  on  a  WAN  connection. 
Conservation  of  bandwidth  can  be  achieved  with  cache  servers,  filters,  etc.,  and  WAN 
traffic  can  be  split  to  multiple  WAN  connections. 

Audio  and  video  through  a  WAN  connection  can  have  a  significant  impact  on  network 
performance.  Filtering  of  content  addresses  both  bandwidth  conservation  issues  and 
curriculum  issues. 


NETWORK  DESIGN 


WAN  ANALYSIS  45 
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LAYERS  AND  COMPUTER  PERFORMANCE 


Poor  browser  performance  also  may  be  a  result  of  the  user's  hardware  and/or  software. 

A  computer's  many  integrated  subsystems  all  have  a  direct  impact  on  performance. 
These  subsystems  include: 

•  central  processing  unit  (CPU) 

•  disk  (type,  speed,  controller) 

•  memory  (amount  and  type) 

•  network  interface  card  (speed) 

•  graphics  (memory,  resolution,  graphics  card) 

•  bus  (type  and  speed) 

It  is  possible  to  conclude  (erroneously)  that  lack  of  performance  with  high  CPU  utilization 
is  caused  by  a  CPU  that  is  too  slow  when  the  problem  is  insufficient  memory.  A  lack  of 
sufficient  memory  can  cause  excessive  swapping  with  both  the  disk  subsystem  and 
CPU,  with  resulting  high  utilization.  To  draw  an  analogy,  one  has  to  diagnose  the  "cause 
of  the  headache,"  not  treat  the  "headache." 

This  part  of  the  report  will  attempt  to  serve  two  purposes — identifying  problems  and  tools 
to  assist  in  overall  network  performance  from  an  end-user  perspective,  and  education  of 
the  user  to  assist  in  better  computer  purchases. 

For  simplicity,  illustrative  tools  will  be  drawn  mostly  from  PCs  but  the  general  principles 
apply  to  all  computers. 


CENTRAL  PROCESSING  UNIT 

The  central  processing  unit  (CPU)  is  the  component  that  actually  performs  all  the  work. 
It  performs  "one  task  at  a  time"  and  is  synchronized  with  the  system  clock.  A  clock 
speed  of  1 66  MHz  means  that  the  clock  is  running  at  1 66  million  (mega)  times  per 
second.  If  the  CPU  performs  one  task  for  every  clock  cycle,  then  it  can  run  166  million 
instructions  per  second.  If  the  clock  is  333  MHz,  it  is  running  approximately  twice  as  fast 
as  the  one  running  at  166  MHz. 

The  two  most  common  computer  families  in  schools  are  the  PC  and  the  Macintosh. 
Each  CPU  family  has  the  instructions  it  can  run  built  right  into  the  silicon  of  the  CPU. 
These  instruction  sets  can  not  be  modified.  The  Intel  or  PC  family  of  computers  include 
the  8088,  80286  (AT),  80386,  80486,  Pentium,  PentiumPro,  Pentium  II,  etc.  The 
Motorola  family  used  in  the  Macintosh  includes  the  68000,  68020,  68030  (e.g.,  SE30), 
68040,  and  the  PowerPC  601 ,  603,  and  604. 

CPUs  are  "interrupt  driven."  They  are  halted  every  time  there  is  a  request  to  write  or 
read  to  disk,  update  the  screen,  and  so  on.  Newer  architectures  such  as  PCI  2.1 
minimize  the  number  of  interrupts  a  computer  receives  and  result  in  more  efficient  use  of 
the  CPU. 
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Computers  need  to  get  their  information  from  memory.  Tliere  is  special  memory  for 
"often  used"  instructions  called  "cache  memory."  Cache  memory  has  very  short 
distances  to  transfer  the  data  to  the  CPU  and  has  wide  data  paths  for  doing  so.  L2 
cache  significantly  aiiecXs  the  overall  performance  of  a  computer. 


Tips 



•  Clock  speed  (measured  in  MHz)  Higher  is  better. 

•  L2  cache  Having  it  is  better. 


CPU  METRICS 

Measuring  the  performance  of  computers  is  becoming  more  of  a  science  than  it  used  to 
be.  CPU  clock  speed  is  a  significant  factor  when  recalculating  a  spreadsheet,  doing 
document  spell  checks,  and  anything  that  is  "compute-intensive."  Photograph  and  video 
editing  are  examples  of  highly  CPU-intensive  tasks. 

Tasks  such  as  typing,  opening  and  closing  files,  e-mail,  etc.,  tend  to  be  affected  more  by 
the  disk  subsystem  and  memory  than  by  CPU  clock  speed.  Moving  a  window  around  on 
the  screen  is  a  highly  CPU-intensive  task  (Figure  20),  while  surfing  with  a  browser  is  not 
CPU-intensive. 


Tip  ^ 


On  a  Windows  95/NT  computer,  use  the  Task  Manager  to  examine  CPU  utilization.  This 
is  an  inexpensive  way  to  see  if  the  task  is  CPU-bound. 
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FIGURE  20:  CPU  UTILIZATION 
MOVING  A  WINDOW  AND  LAUNCHING  AN  APPLICATION 


The  overall  CPU  processor  time  shows  a  rapid  rise  to  100  per  cent  utilization.  (Note  that 
the  graph  time  window  is  100  seconds.)  Moving  a  window  on  the  screen  will  consume 
all  of  the  CPU  (first  spike  in  graph).  The  faster  the  CPU-graphics  subsystems,  the 
smoother \he  move  will  appear  on  the  screen.  Launching  an  application  software 
package  such  as  Word  97  will  result  in  a  momentary  utilization  of  CPU,  as  indicated  in 
the  later  spikes.  Much  of  the  application  launch  latency  will  be  related  to  the  disk  and 
not  the  CPU.  This  example  demonstrates  the  interconnectedness  of  the  subsystems. 

Four  object  counters  were  identified  for  the  graph: 

•  per  cent  processor  time.  Total  computing  by  all  processors  on  system.  When 
this  counter  consistently  approaches  100  per  cent,  the  system  OS  will  suspend 
some  tasks  in  order  for  others  to  run.  This  will  create  a  processor  bottleneck. 

•  per  cent  user  time.  Shows  the  total  time  spent  on  user  or  application  processing 
and  is  one  of  the  two  components  of  total  processor  time.  Applications  that  need 
to  access  hardware  devices  send  the  request  to  a  privileged  mode  program.  If 
this  counter  is  high,  then  the  application  is  the  likely  source  of  the  bottleneck. 

•  per  cent  privileged  time.  Shows  the  privileged  operations  such  as  video,  disk  I/O, 
NIC  I/O,  etc.  This  can  be  used  to  identify  which  processes  are  causing  the 
bottleneck. 

•  interrupts  per  second.  The  number  of  device  interrupts. 
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Note  that  the  scales,  all  of  which  can  be  modified,  are  not  all  the  same. 

Performance  Monitor  and  Task  Manager  both  allow  the  user  to  examine  CPU  utilization 
in  "real  time,"  while  events  are  occurring.  Two  comparative  tools  are  useful  for 
measuring  CPU  performance — SPECmark  and  CPUmark32.  One  metric  used  within 
PCs  is  CPUmark32  developed  by  Ziff-Davis,  part  of  the  Ziff-Davis'  WinBench®  98 
Version  1 .0  benchmarks  suite.  This  metric,  available  in  computer  magazines,  is  highly 
useful  when  evaluating  CPU  performance. 

For  example: 

•  A  Dell  Dimension  XPS  D333  (a  Pentium  II  running  at  333  MHz)  obtained  a  Ziff- 
Davis'  WinBench®  98  Version  1 .0  ZD  CPU mark32  score  of  1600  {PC  Magazine, 
February  24,  1998,  p.  46). 

•  A  Dell  OptiPlex  Gxa  (a  Pentium  II  running  at  233  MHz)  obtained  a  Ziff-Davis' 
WinBench®  98  Version  1 .0  ZD  CPUmark32  score  of  693  (PC  Magazine,  December 
2,  1997,  p.  185). 

Note:  The  above  points  are  cited  as  magazine  references  instead  of  just 
CPUmark32  results  due  to  the  constraints  of  the  WinBench®  98  license 
agreement. 

A  different  metric  that  crosses  CPUs  is  required  to  measure  performance  of  dissimilar 
computers.  If  a  school  or  jurisdiction  is  evaluating  a  tender  for  a  financial  computer  or 
student  record  computer  and  there  are  many  vendors,  such  a  metric  could  assist  in  "right 
sizing"  the  purchase.  For  example,  a  Digital  computer  with  an  Alpha  CPU,  an  IBM  RISC 
6000,  a  Sun  workstation,  and  a  Pentium  ll-based  PC  could  be  compared. 

One  such  metric  is  a  SPECmark  (Standard  Performance  Evaluation  Corporation).  A 
SPECmark  is  an  audited  benchmark  that  measures  performance  on  various  systems. 

For  example: 

•  a  Dell  Dimension  XPS  Pro200n 

-  integer  rating  CINT95  =  8.20 

-  floating  point  rating  CFP95  =  6.21 

•  Motorola  604e  SPECint95  =  7.41  (@200  MHz,  66  MHz  Bus,  L2— 512  KB,  60  ns 
EDO) 

•  Motorola  603e  SPECint95  =  4.4  ((S)200  MHz,  66  MHz  Bus,  L2— 512  KB,  70  ns 
DRAM)  and  SPECint95  7.4  (g>300  MHz 


A  good  metric  for  PC  CPU  performance  is  the  CPUmarkss.  A  good  metnc  for  cross - 
platform  servers  is  the  SPECmark. 
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Common  to  all  benchmarks  is  a  detailed  outline  of  precisely  what  hardware  and  software 
were  used  for  the  test.  This  is  important  since  a  different  disk  drive  could  substantially 
alter  a  computer's  performance. 


When  evaluating  hardware,  require  the  vendor  to  supply  benchmark  results.  This  will 
assist  in  evaluating  not  only  relative  performance  but  will  ensure  that  all  subsystems 
have  been  clearly  identified. 


STATE  OF  THE  ART 

Performance  is  much  more  important  for  servers  than  for  most  user  computers.  The  PC 
environment  is  changing  very  rapidly.  At  the  time  of  this  writing,  gigabit  Ethernet 
adapters  were  becoming  available  and  new  bus  speeds  of  100  MHz  were  beginning  to 
appear.  The  most  dramatic  improvement  in  PC  architecture  was  the  splitting  of  video 
(like  the  AGP  graphics)  and  other  subsystems  to  use  less  of  the  CPU  than  in  earlier 
computers. 


The  PC98  standard  (<http://www.microsoft.com/hwdev/desquid/>  and 
<http://developer.intel.com/desiqn/pc98/>)  outlines  the  changes  from  PC97  and  also 
serves  as  a  forum  for  the  evolving  PC99  standard. 


Typical  specifications  for  a  high-end  PC  at  this  time  include: 

•  350-400  MHz  Pentium  II  with  51 2K  cache  (BX  chipset,  new) 

•  ECC  SDRAM  memory 

•  100  MHz  bus  (new) 

•  Ultra-Wide  SCSI-3  hard  disk  drive  (new) 

•  AGP  video  card  with  8  MB  video  memory 

•  10/100-Mbps  NIC 

•  AWE  64-compliant  sound  with  speakers 

The  current  performance  differences  between  a  300-  and  a  333-MHz  computer  likely  will 
not  be  enough  to  warrant  the  price  difference.  According  to  benchmark  tests,  the 
CPUmark32  of  a  333  MHz  is  between  800  and  850  while  a  266  MHz  obtains  a  score  of 
approximately  700.  This  is  because  other  subsystems  are  affecting  the  performance 
more  than  the  CPU  clock.  Most  users  in  education  will  not  notice  this  difference. 
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Some  significant  clianges  occurred  during  1998.  With  the  arrival  of  the  next  generation 
of  the  Deschutes-based  PCs,  the  dock  rates  go  to  around  400  MHz  but  the  bus  speeds 
increase  to  100  MHz  (from  66  MHz). 

By  mid-1998,  Intel  began  to  ship  the  replacement  for  the  PentiumPro  (Xeon),  which  has 
a  full-speed  backside  bus,  100-MHz  system  bus,  and  2-MB  Level  2  cache.  Late  1998 
saw  the  450  NX  chipset  with  hot  plug  PCI.  MMX-based  Intel  computers  will  not  be  a 
player. 

The  new  G3  Macintosh  is  the  first  Macintosh  to  have  some  of  the  more  common  PC 
features  (<http://til.info.apple.com/techinfo.nsf/artnum/n24396>).  In  addition  to  the  faster 
clock  (300  MHz),  it  has: 

•  a  1  -MB  backside  L2  cache 

•  150-MHz  dedicated  64-bit  backside  bus 

•  integrated  floating-point  unit  and  64K  level  1  on-chip  cache  (32K  data  and  32K 
instruction) 

•  66-MHz  system  bus 

•  64  MB  or  1 28  MB  of  SDRAM 

•  64-bit  memory  bus 

•  10/100  Basel 

•  UW  SCSI  hard  disk 

•  1 28-bit  2D/3D  graphics  accelerator,  6  MB  SGRAM 

•  three  PCI  expansion  slots  compatible  with  PCI  2.1 -compliant  cards 

•  two  high-speed  DMA  serial  (RS-232/RS-422)  ports  compatible 

These  significant  hardware  improvements  for  the  typical  Macintosh  will  result  in 
noticeable  improvements  to  the  end  user.  Compare  these  specifications  with  the  Model 
6500  (603e  at  250  or  275  MHz,  32K  internal  cache,  256  or  51 2K  L2)  with  a  50  MHz 
system  bus  or  an  older  LC  630  (66  MHz)  with  a  33  MHz  bus  at  32  bits. 

There  are  no  SPECmark  ratings  for  Macintosh  computers,  and  the  MacBench  ratings 
have  no  comparability  to  the  WinBench  numbers.  Some  Macintosh  computers  were 
rated  in  MIPS  (millions  of  instructions  per  second)  with  an  LC  III  rated  at  6.3  MIPS  and 
an  LC  575  rated  at  29  MIPS.  MIPS  is  useful  only  when  looking  at  the  CPU  performance. 

Caveat  Emptor.  Not  all  CPU  benchmarks  will  yield  identical  metrics.  It  is  quite  possible 
to  use  CPUmark32,  SPECfp95  and  SPECint95,  Norton  Multimedia  and  SI32,  and  Intel's 
Media  and  get  different  results.  You  will  have  to  dig  deeper  to  examine  what  the 
benchmark  is  actually  testing. 
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Future  trends: 

•  Slot  2-based  Pentium  II  ("Marlinespike")  with  four  dual  in-line  memory  modules, 
the  new  440GX  chip  set  and  up  to  2  GB  RAM 

•  Colfax-based  notebook  with  Pentium  II,  440BX  chip  set,  Rambus  support,  2X 
AGP,  100  MHz  bus  and  IEEE  1394  (due  second  half  of  1999) 

•  Merced  ("Bigfoot")  with  two  Merced  processors,  4X  AGP,  modular  I/O,  460GX 
chip  set  and  Slot  M  interface  (due  fourth  quarter,  1999) 

•  Katmai-based  Pentium  II  to  include  440JX  ("Camino")  (due  second  quarter, 
1999) 


MEMORY 

Computers  have  many  types  of  memory.  The  user  is  faced  with  EDO,  SDRAM,  ECC, 
VRAM,  WRAM...  and  the  list  goes  on.  For  the  majority  of  end-user  computers,  whatever 
comes  with  the  computer  or  whatever  the  motherboard  is  designed  for  is  adequate. 
Macintosh  users  seldom  have  the  opportunity  to  choose  the  type  of  memory  they 
purchase  whereas  most  PC  purchases  require  input.  In  early  1998,  SDRAM  was  the 
normal  type  of  memory  in  microcomputers. 

The  amount  of  memory  has  a  very  large  impact  on  a  computer's  performance.  NT  is 
particularly  sensitive  to  memory:  the  difference  in  performance  between  32  MB  and  64 
MB  for  a  200-MHz  Pentium  MMX  is  approximately  20  per  cent  and  a  300-MHz  Pentium 
II  performs  approximately  50  per  cent  better  than  32  MB  (PC  Magazine, 
September  23,  1997). 


NETWORK  INTERFACE  CARD 

The  network  interface  card  (NIC)  is  the  postal  service  that  delivers  mail  from  the  "source" 
to  the  "destination."  It  never  reads  the  "mail"  but  only  delivers  it.  The  network  adapter  is 
referred  to  as  a  "dumb"  device  because  it  never  tries  to  read  or  make  sense  of  any  data 
in  a  packet.  If  it  can  not  deliver  the  data,  it  will  continue  to  retry  until  the  software  tells  it 
to  stop  trying. 

The  NIC  has  a  maximum  rate  at  which  it  can  send  and  receive  data.  While  a  10-Mbps 
NIC  has  a  rated  capacity  of  10  million  bits  per  second,  a  NIC  has  a  rating  of 
approximately  7.4  Mbps  maximum  (approximately  74  per  cent). 
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Metric 


The  maximum  capacity  of  a  10-MBps  NIC  is  approximately  7.4  MBps  and  the  maximum 
for  a  100-MBps  NIC  is  approximately  56  MBps  (under  special  circumstances  this  can  be 
higher). 

10BASE-T  refers  to  10  Mbps  data  rate,  base  band  frequency,  100-metre  lengths,  and 
100-ohm  UTP  cable  with  RJ-45  connectors. 

Note:  When  multiple  computers  share  a  10-Mbps  Ethernet  segment,  the  overall 
interactive  traffic  begins  to  degrade  when  total  network  traffic  is  above  3  Mbps;  i.e. 
greater  than  30  per  cent. 


J  Tip 

Standardize  on  10/100-Mbps  NICs. 

The  NIC  delivers  the  data.  Its  data  transfer  rate  depends  on  other  subsystems  in  the 
computer — bus  speed,  data  path  width,  disk/memory  subsystem,  and  IP  stack.  The  NIC 
is  attached  to  the  computer  through  various  means  (on  the  motherboard,  in  a  PCI  slot, 
etc.).  For  discussion,  assume  that  the  NIC  is  in  a  PCI  slot.  The  clock  speed  of  the  bus 
and  the  number  of  bits  it  can  receive  determine  how  fast  the  NIC  can  deliver  the  data  to 
the  computer.  Recall  that  older  Macintosh  computers  like  the  LC630  had  a  bus  speed  of 
33  MHz.  Most  current  computers  have  a  bus  speed  of  66  MHz. 

The  second  variable  in  performance  (getting  data  into  computer  memory)  is  the  data 
path  (32  bit,  64  bit,  etc.).  A  bus  receiving  data  64  bits  at  a  time  will  have  a  two-fold 
performance  advantage  over  a  bus  receiving  data  at  32  bits  at  the  same  clock  speed.  A 
user  will  notice  both  bus  speed  and  width  of  the  data  path  when  receiving  a  page  at  a 
browser. 
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FIGURE  21 :  FILE  TRANSFER  THROUGH  A  NIC 


Performance  Monitor  (NT)  can  be  used  to  examine  traffic  to  a  NIC  (Figure  21 ).  In  this 
case,  90  MB  in  890  files  of  data  were  copied  from  a  server  to  the  local  computer.  The 
average  for  data  received  was  540,770  Bps  (top  line).  The  CPU  was  utilized  at  a  peak 
of  45  per  cent  (centre  line)  and  the  average  for  bytes  sent  (mostly  acknowledgements) 
was  around  2  MBps  (bottom  line). 

Examination  of  the  bytes  received  (top  line)  indicates  that  the  rate  of  a  file  transfer  varies 
considerably.  Many  small  files  result  in  slower  overall  transfer  rates  while  large  file 
transfers  will  have  a  smoother  graph. 
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FIGURE  22:  FILE  TRANSFER  THROUGH  NIC— NON-UW 


The  transfer  in  Figure  21  was  to  a  PCI-based  UW  SCSI  disk  drive.  To  illustrate  the 
impact  of  the  disk  subsystem  on  NIC  performance,  the  same  90  MB  of  data  in  890  files 
was  transferred  to  a  computer  that  was  identical  in  every  respect  except  for  the  disk 
drive  (Figure  22).  The  drive  in  the  second  test  was  to  a  PCI-based  SCSI-2.  Notice  that 
CPU  utilization  was  significantly  higher  (in  the  50  per  cent  range).  The  CPU  of  a  server 
with  this  drive  subsystem  would  spend  approximately  half  its  time  being  interrupted  and 
serving  disk  subsystem  requests.  It  would  likely  peak  for  performance  when  there  are 
very  few  additional  tasks. 


Tip  _  

Servers  with  high  I/O  requirements  require  UW  SCSI  disk  drives. 


What  is  actually  going  on  in  the  Ethernet  cable  can  be  examined  with  a  probe.  RMON 
probes  give  a  different  look  at  the  network  during  the  90-MB  file  transfer.  The  packet 
size  trend  (Figure  23)  illustrates  that  the  network  attempts  to  utilize  the  largest  packets 
possible.  Again,  realize  that  each  packet  received  has  a  64-byte  acknowledgement 
packet.  It  is  clear  that  the  majority  of  packets  are  large  as  a  file  is  being  transferred. 
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FIGURE  23:  PACKET  SIZE  TREND 


Figure  24  shows  utilization  and  numbers  of  packets  per  second.  Network  utilization 
attained  peaks  of  50  per  cent  during  the  transfer,  with  packet  rates  peaking  at 
approximately  700  pps.  RMON  gives  users  the  ability  to  examine  the  same  file  transfer 
from  different  points  of  view. 
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utilization 


A  disk  can  have  a  great  impact  on  the  NIC  performance  during  file  transfers.  To 
illustrate  this  in  more  detail,  a  single  file  of  11 .4  MB  was  transferred  four  times. 
Performance  Monitor  was  utilized  to  examine  the  NIC  (Figure  25).  The  scales  for  each 
of  the  counters  is  different — there  is  a  one  thousand  times  difference  between  the  bytes 
received  and  sent.  This  was  done  so  that  the  lines  could  be  visible  on  the  graph.  The 
packet  per  second  scale  is  0.01 . 

A  single  file  has  a  "ramp-up"  time  of  one  to  two  seconds  (the  ascending  curve),  a 
relatively  flat  transfer  rate  of  approximately  eight  seconds,  and  a  "ramp-down"  time  of 
one  to  two  seconds  (the  descending  side  of  the  curve).  Each  repetition  yielded  similar 
results.  This  example  illustrates  the  actual  transfer  rates  of  the  NIC-disk  subsystem  for  a 
particular  computer  with  a  file  size  of  1 1 .4  MB. 
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FIGURE  25:  NIC-DISK  TRANSFER  RATES 


GREENING 


Although  many  students  and  staff  are  very  ecologically  aware,  few  seem  to  think  of  WAN 
bandwidth  as  a  scarce  resource.  The  following  tips  will  help  conserve  bandwidth. 


Tips  

•  Set  "autoload  images"  off.  Students  like  multimedia  and  visual  presentation  of 
information,  but  the  pictures  and  animation  require  significant  bandwidth  due  to  their 
size.  Not  automatically  loading  these  images  will  significantly  reduce  WAN  traffic. 

•  Tune  the  cache  on  the  local  drive. 

•  Use  a  site-based  cache  server. 

•  Download  web  pages  in  non-peak  hours  and  store  them  in  the  school. 

•  Minimize  high  bandwidth  applications  (real-time  audio,  two-way  video,  etc.).  Use 
them  only  where  they  are  needed. 

•  Limit  the  number  of  sessions  per  browser. 

•  Schedule  WAN  classes  in  the  same  way  as  the  music  room  and  gymnasiums. 

•  If  more  than  one  school  is  using  the  same  ISP,  get  a  jurisdiction-level  cache  server. 
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HARD  DISK  SUBSYSTEM 

The  hard  disk  plays  a  significant  role  in  the  performance  of  a  computer.  Every  time  a 
web  page  is  accessed,  a  copy  of  the  file  is  cached  to  the  local  hard  disk.  Again,  many 
computer  purchasers  examine  only  the  size  of  the  disk  drive  (in  GB)  and  seldom  look  at 
the  components  that  actually  make  a  difference  in  performance. 

These  components  include: 

•  rotational  speed  (rpm) 

•  access  time  (milliseconds) 

•  seek  time  (milliseconds) 

•  transfer  rates  (MBps) 

•  mean  time  between  failure  (MTBF  in  hours) 

•  warranty 

A  3-GB  drive  with  a  rotational  speed  of  5400  rpm  (normal)  will  perform  differently  than 
the  same-sized  drive  at  4500  rpm  (low  end)  or  7200  rpm  (high  end).  State  of  the  art 
rotational  speeds  are  10,000  rpm. 


Buying  Tip  

Typical  consumer  drives  have  rotational  speeds  of  5400  rpm.  The  minimum  for  servers 
should  be  7200  rpm  (and  UW  SCSI). 


Average  seel<  time  is  the  average  time  the  hard  disk  takes  to  move  its  read/write  heads 
over  the  platters  to  a  requested  track.  Seek  times  tend  to  decrease  as  disk  capacity 
increases  (about  eight  to  ten  milliseconds).  Average  latency  specifies  the  time  the  drive 
takes  to  spin  the  platters  until  the  appropriate  portions  of  the  track  are  spinning  under  the 
heads.  Average  access  time  is  the  sum  of  average  seek  time  and  average  latency.  It 
typically  represents  the  amount  of  time  it  takes  a  hard  disk  to  locate  data. 


Typical  Drives 

•  Average  seek  times  typically  are  about  eight  to  1 0  milliseconds. 

•  Average  latency  times  are  typically  about  4.5  milliseconds  for  disks  greater  than  one 
GB. 

•  Average  access  times  are  typically  about  eight  to  12  milliseconds. 
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Tip 

Computer  magazines  typically  quote  access  times. 


Transfer  rates  are  the  maximum  rates  at  which  the  data  can  be  transferred.  Internal 
transfer  rate  is  the  speed  at  which  the  drive  can  take  information  off  the  disk  and  into 
internal  buffers,  and  external  transfer  rate  is  the  speed  at  which  the  data  is  actually 
transferred  to  the  computer.  The  transfer  rate  (MBps)  gives  an  indication  of  the 
performance  of  a  drive.  A  1-MB  picture  transferred  at  16.6  MBps  would  take  0.06 
seconds  under  the  best  conditions.  Again,  under  "real  conditions,"  these  are  maximums. 

Disk  drive  performance  is  seldom  an  issue  unless  a  school  is  considering  servers  or  is  a 
high-end  user.  Cache  servers,  library  servers,  etc.,  require  a  significant  amount  of  disk 
I/O. 

There  are  a  number  of  disk  drive  performance  metrics  available  (Table  12). 

•  Adaptec's  ThreadMark  2.0  <http://www.adaptec.com> 

•  Ziff-Davis's  SpeedRate  <http://www.zdnet.com/zdhelp/dl> 

<help/speedrate/speedhelp.html> 

SpeedRate  gives  three  metrics — processor,  disk,  and  graphics.  A  120-MHz  Compaq 
Deskpro  (Column  2)  yields  a  processor  score  of  357  while  a  Dell  Pentium  II  233  (Column 
6)  yields  a  score  of  864  (2.4  times  faster).  The  Compaq  120  had  a  mechanically  slow 
drive  and  yielded  a  disk  score  of  ninety.  This  metric  confirmed  a  suspicion  that  there 
was  a  slow  drive  in  the  computer  that  warranted  further  investigation.  As  it  turned  out, 
this  particular  batch  of  computers  had  slow  drives  (about  4500  rpm).  The  result  was 
tightening  of  specifications  for  computer  purchases. 

Often,  more  than  one  tool  is  required  to  uncover  drive-related  performance  problems. 
Adaptec's  ThreadMark  exercises  disk  drives  with  various-sized  I/O  loads  and  monitors 
CPU  utilization  at  the  same  time.  Two  identical  Pentium  II  266s  were  tested,  one  with  an 
EIDE  drive  (Column  7)  and  one  with  UW  SCSI  (Column  8).  While  their  SpeedRate  CPU 
metrics  were  not  that  dissimilar  (233  and  254),  the  data  transfer  rates  were  substantially 
different  (3.41  MBps  and  5.92  MBps).  The  amount  of  time  the  CPU  required  for  the 
tests  was  very  different  as  well  (70  per  cent  and  1 1  per  cent).  In  other  words,  the  EIDE- 
based  computer  spent  70  per  cent  of  the  CPU  time  servicing  the  disk  I/O  requests 
compared  to  1 1  per  cent  for  the  UW.  It  is  easy  to  see  from  this  test  why  any  server- 
based  application  requires  a  UW  drive. 
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Columni 

Column  2 

Column  3 

Column  4 

Column  5 

Column  6 

Column  7 

Column  8 

Pentium 

Pentium 
OD 

Pentium 
Pro 

Pentium 
Pro 

Pentium 
II 

Pentium 
11 

Pentium 
1! 

MHz 

120 

133 

200 

180 

233 

266 

266 

Speed  Rate 

Processor 

357 

297 

806 

811 

864 

983 

994 

Disk 

90 

164 

232 

410 

269 

233 

254 

Graphics 

332 

418 

277 

537 

951 

1143 

Threadmark  2.0 

Data  Transfer 
Rate  in  MBps 

1.93 

3.23 

2.51 

5.22 

5.20 

3.41 

5.92 

Average  CPU 

37.05% 

40.64% 

55.18% 

12.90% 

10.16% 

70.27% 

1 1 .34% 

TABLE  12:  DISK  SPEED  METRICS 


According  to  Microsoft  (<www.microsoft.com/hwdev/devdes/idedma.htnn>),  typical 
computers  use  40  per  cent  CPU  doing  hard-drive  transfers  in  RIO  mode  and  25  per 
cent  in  DMA  mode.  There  is  a  fix  for  Windows  95. 

UDMA  drives  promise  burst  speeds  of  33  MBps.  Only  computers  with  the  TX 
chipset  or  LX  chipset  from  Intel  can  make  use  of  the  increased  speed.  The  other 
chipsets  will  run  in  RIO  Mode  4  (ATA-2).  Win98  will  support  UDMA,  and  Windows 
NT  Workstation  will  require  an  upgrade  to  ATARI. SYS  to  utilize  it. 


The  web  provides  extensive  information  about  manufacturer  and  model  numbers  for  disk 
drives  (Table  1 3).  Data  on  track/inch  and  other  metrics  are  readily  available  at  the 
various  sites. 
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Manufacturer 

Quantum 

Western 
Digital 

Quantum 

Quantum 

Seagate 

Model 

Bigfoot  TX 

AC22100 

Atlas  II 

Viking  II 

Cheeta  9 

Formatted  Capacity  (MB) 

4018 

2111.8 

4550 

9100 

9100 

Interface 

Ultra 
DMA/33 

EIDE 

UltraSCSI-3 

Ultra  LVD 

Ultra  2 
SCSI 

Seek  Time  (ms) 

•    Average  (read) 

<12 

<12 

8 

7.5 

5.7 

•  Track-to-Track 

2.5 

3 

1 

0.9 

0.8 

•    Full  Stroke 

24 

22 

<18 

<=15 

Average  Rotational  Latency 
(ms) 

7.5 

5.76 

4.17 

4.17 

2.9 

Rotational  Speed  (rpm) 

4000 

5200 

7200 

7200 

10,025 

Maximum  Areal  Density  (MB 
per  square  inch) 

659 

1340 

Buffer  Size  (KB) 

128 

128 

512 

512 

1024 

Internal  Data  Rate  (MB/s) 

142 

53-104 

121 

98-170 

122-177 

Internal  Formatted  Transfer 
Rate  (MB/s) 

14.5-23 

Transfer  Rate  -  Host  (MB/s) 

33.3 

33.3 

40 

80 

80 

MTBF  (hours) 

300,000 

1,000,000 

Warranty  (years) 

3 

5 

Source 

httD://www. 
quantum.co 
m/oroducts/ 
hdd/biofoot 
tx/q  biq  s 
D.html 

httD://www. 

wdc. com/or 

oducts/drive 

s/drive- 

SDecs/AC22 

100.html 

httD://www. 
quantum.co 
m/oroducts/ 
hdd/atlas  11/ 
q  at  sp.ht 
ml 

http://www. 
quantum.co 
m/products/ 
hdd/vikinq  1 
l/q  vkq2  kv 
.html 

httD://www.s 
eaqate.com 
/disc/cheeta 
h/cheetah.s 
html 

TABLE  13:  SAMPLE  DISK  DRIVE  SPECIFICATIONS 


The  Ziff-Davis  Winstone  and  WinBench  benchmarks  are  for  business  and  high-end 
users.  Business  Winstone98  uses  nine  applications — Netscape  Navigator,  Microsoft 
Word  97,  PowerPoint  97,  Excel  97,  Access  97,  Lotus  97,  Corel  WordPerfect  7,  Quattro 
Pro  7,  and  CorelDRAW  7.  These  are  the  applications  most  likely  to  be  found  on  a  newer 
computer  in  K-12  education.  The  high  end  (NT  only)  uses  include  Adobe  Photoshop 
4.01,  Premiere  4.2,  Microsoft  FrontPage97,  Visual  0-^-^5.0,  MicroStation  95,  PV-Wave 
6.1 ,  and  AVS/Express  3.1 . 

One  of  the  WinStone  categories,  business  task  switching,  tests  how  well  a  system 
performs  when  switching  between  applications  such  as  Word  and  Excel. 
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The  WinBench  suite  tests  five  major  subsystems — processor/RAM,  graphics,  disl^,  CD- 
ROM,  and  full-motion  video.  The  3D  suite  tests  performance  and  rendering  quality  for 
3D  graphics. 

Tests  were  conducted  on  various  computers.  The  results  for  the  researcher's  Pentium  II 
(266)  appear  in  Table  14.  The  drive  tested  was  a  Quantum  XP39100W.  The  two  major 
scores  gave  the  overall  transfer  rate  for  the  business  test  at  1360  KBps  and  a  high-end 
transfer  rate  of  3380  KBps. 


Benchmark 

Result 

Notes 

WinBench  98/Business  Disk  WinMark  98  (thousand  bytes/second) 

1360 

3,4,b 

WinBench  98/High-End  Disk  WinMark  98  (thousand  bytes/second) 

3380 

3,4,b 

1mPv7I  1  vl  11 1  ICll  ffV 

Result 

Notes 

WinBench  98/Disk  Playback/Bus:Browsers  (thousand  bytes/second) 

2110 

WinBench  98/Disk  Playback/Bus:Overall  (thousand  bytes/second) 

1360 

WinBench  98/Disk  Playback/BusPublishing  (thousand  bytes/second) 

1580 

WinBench  98/Disk  Playback/Bus :SS/Database  (thousand  bytes/second) 

949 

WinBench  98/Disk  Playback/BusTask  Switching  (thousand  bytes/second) 

1640 

WinBench  98/Disk  Playback/Bus:WP  (thousand  bytes/second) 

1620 

WinBench  98/Disk  Playback/HE:AVS/Express  3.1  (thousand  bytes/second) 

2500 

WinBench  98/Disk  Playback/HE:FrontPage  97  (thousand  bytes/second) 

2360 

WinBench  98/Disk  Playback/HE:MicroStation  95  (thousand  bytes/second) 

6650 

WinBench  98/Disk  Playback/HE:Overall  (thousand  bytes/second) 

3380 

3,4,b 

WinBench  98/Disk  Playback/HE:Photoshop  4.0  (thousand  bytes/second) 

2500 

WinBench  98/Disk  Playback/HE:Premiere  4.2  (thousand  bytes/second) 

4400 

WinBench  98/Disk  Playback/HE:PV-Wave  6.1  (thousand  bytes/second) 

2830 

WinBench  98/Disk  Playback/HE:Visual  C++  5.0  (thousand  bytes/second) 

8510 

WinBench  98/Disk/Read  CPU  Utilization  (per  cent  used) 

5.9 

y,4,b,10,11 

WinBench  98/Disk/Read  Random  Access: Average  Seek  Time  (milliseconds) 

10.5 

3,4,b 

WinBench  98/Disk/Read  Transfer  Rate:Beginning  (thousand  bytes/second) 

9630 

3,4,b 

WinBench  98/Disk/Read  Transfer  Rate:End  (thousand  bytes/second) 

8920 

TABLE  14:  WINBENCH98  DISK  RESULTS 


Notes: 

3.  The  playback  directory  was  c:\~wbdtmp. 

4.  Common  test  settings:  Disk  Drive  =  c:\  CDROM  Drive  =  e:\  Report  CPU  Utilization  =  No. 

5.  The  following  Windows  tasks  were  running  during  this  test  and  could  affect  the  test  results: 
comsmd.exe,  LexStart.Exe,  mgactrl.exe,  MGAHOOK.EXE,  MGAQDESK.EXE,  mgasc.exe, 
netMedic.exe,  OSA.EXE,  pstores.exe,  REALPLAY.EXE,  smartagt.exe,  snmp.exe,  syshook.exe. 

10.  The  block  size  used  was  32,768  bytes. 

1 1 .  The  transfer  rate  achieved  was  9488  thousand  bytes  per  second. 
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The  overall  score  results  are  a  composite  of  various  subtests.  Notice  the  bus  browser 
gave  a  score  of  2110;  word  processing,  1620;  and  video  editing,  4400.  These  numbers 
indicate  transfer  rates  for  particular  application  software  and  can  be  matched  to  the 
applications  required  for  the  computer.  Notice  that  the  overall  CPU  was  5.9  per  cent 
whereas  the  disk-intensive  ThreadMark  yielded  1 1  per  cent. 


Tip  

Use  benchmarks,  and  ask  for  them  when  dealing  with  vendors  and  colleagues.  It  forces 
people  to  quantify  variables  and  moves  computing  capacity  planning  from  a  "black  art" 
towards  a  science.  Realize  that  some  benchmarks  that  do  not  publish  source  code  may 
be  tailored  to  maximize  features. 


On  a  recent  price  list  acquired  for  this  report,  five  4.5-GB  UW  SCSI  drives  were 
examined.  The  prices  for  these  drives  ranged  from  a  low  of  $624  to  a  high  of  $959,  for  a 
difference  of  $335.  All  the  drives  were  "4.5-GB  UW"  drives.  Having  more  detailed 
specifications  would  permit  the  rational  matching  of  disk  drives  to  the  purpose  for  which 
they  are  intended.  "Let  the  buyer  beware. " 


Tip 


The  manufacturer  and  model  number  of  a  drive  can  be  used  to  locate  drive 
specifications  on  the  manufacturer's  web  site.  The  most  common  drive  sites  are: 

Seagate:  <http://www.seaqate.com/> 

Quantum:  <http://www.quantum.com/> 

Western  Digital:  <http://www.wdc.com/> 

IBM:  <http://www.storaqe.ibm. com.:80/storaqe/hardsoft/diskdrdl.htm> 


Drive  technology  continues  to  evolve.  At  the  time  of  this  writing,  Ultra-2  SCSI  drives 
were  beginning  to  appear.  (So  were  fibre  channel,  but  this  is  not  an  issue  for  most 
school  locations.)  Ultra-2  SCSI  or  SCSI3  drives  double  the  bus  bandwidth  from  40 
MBps  to  80  MBps  and  illustrate  the  move  to  more  "intelligent"  subsystems.  As  with 
graphics,  the  disk  subsystem  is  moving  towards  reducing  the  load  on  the  CPU  and  bus. 

Those  who  need  to  buy  "the  newest  and  best"  should  look  up  the  specifications  and  ask 
the  vendor  for  the  disk  tests  in  the  WinBench  suite.  Just  because  it  is  possible  to  deliver 
up  to  80  MBps  does  not  mean  it  will  on  the  computer  someone  installs  it  on. 
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Tips 


1 


— —  : — 

•  Do  not  put  a  fast,  state-of-the-art  drive  in  a  computer  that  has  a  slow  controller  or 

bus. 

•  7200  and  10,000-rpnn  drives  generate  more  heat.  Ensure  case  ventilation. 

•  By  installing  drives  with  lower  specifications,  vendors  can  increase  profit  margins 
when  only  size  is  specified.  Ask  for  model  numbers  and  performance  benchmarks. 

•  A  sustained  data  rate  of  3.5  MBps  is  adequate  for  many  typical  users. 

•  Multimedia  requires  a  sustained  data  rate  of  greater  than  5  MBps.  The  higher  the 
better. 

•  An  additional  source  of  information  on  disk  drives  is  advertisements  in  the  back  of 
computer  magazines.  Companies  that  specialize  in  selling  disk  drives  will  list  the 
manufacturer,  model,  rotational  speeds,  and  prices  in  $US. 

•  CD-ROM  speeds  require  more  than  spin  rate.  Look  at  more  detailed  questions  such 
as  transfer  rates. 

•  Performance  is  often  reduced  because  the  data  on  a  disk  drive  becomes 
fragmented.  The  regular  def  rag  mentation  of  disk  drives  significantly  changes  their 
performance. 


FireWire  (IEEE  1394)  has  burst  throughputs  between  100  and  400  Mbps  and  will  be 
used  to  directly  move  video  from  a  digital  video  camera  to  a  drive.  This  interface  permits 
downloading  of  large  amounts  of  digital  video  directly  to  the  computer  for  editing.  By 
eliminating  data  conversion,  it  permits  "lossless"  non-linear  editing.  There  are  shipping 
products  with  FireWire  adapters,  both  in  the  video  world  and  microcomputer  world. 


FIREWIRE  VERSUS  USB~-TWO  SEPARATE  PURPOSES 


1394/FireWire  USB 

Maximum  Devices         62  127 

Data  Transfer  Rate        200  Mbps  1 2  Mbps 

(25MB/S)  (1.5MB/S) 

Macintosh  Yes  No 


The  future  1394  will  include  400  Mbps,  800  Mbps,  and  1  Gbps  whereas  USB  is  not 
designed  to  change. 

Peripherals  of  1394  will  be  disk  drives,  DV  camcorders,  HDTV,  set  top  boxes,  high- 
resolution  digital  cameras,  etc.  Peripherals  of  USB  will  be  keyboards,  mice,  monitors, 
joysticks,  speakers,  etc. 


66    NETWORK  DESIGN 


LAYERS  AND  COMPUTER  PERFORMANCE 


Tip 


DV  capture  from  a  1 394-enabled  camcorder  to  a  computer  requires  a  sustained  data 
transfer  rate  of  3.6  MB  per  second  or  more.  A  hard  disk  that  is  not  fast  enough  to 
capture  data  at  this  rate  will  drop  frames.  IDE  drives  are  not  fast  enough  so  a  SCSI 
drive  will  be  required. 


CASE  ANALYSIS:  CD  SERVER  ON  HD 

Grande  Yellowhead  Regional  Division  No.  35  has  demonstrated  the  use  of  a  "switched 
to  the  desktop"  coupled  with  common  CDs  such  as  Encarta  on  a  server  with  UW  SCSI 
drives.  Schools  in  the  division  have  a  cache  server  on  site.  Students  can  access 
information  from  the  faster  hard  drives  instead  of  the  CD.  This  excellent  design  makes 
common  services  available  throughout  the  school.  In  elementary  settings,  it  also  can 
significantly  reduce  the  Internet  traffic  requirement  since  more  of  the  data  resides  in  the 
school. 


GRAPHICS  SUBSYSTEM 

The  graphics  subsystem  in  computing  is  changing  very  quickly  and  will  likely  continue  to 
do  so.  The  graphic  subsystem  consists  of  the  graphics  card  (may  be  a  card  in  a  slot  or 
on  the  motherboard)  and  the  monitor  attached  to  the  computer. 

Most  monitors  have  physical  metrics  which  include  screen  size  (15,  17,  19,  21  inches), 
pixel  size  (0.25-0.28  mm),  refresh  rates  (60-100  Hz),  etc.  Schools  purchasing 
computers  need  to  ask  questions  about  more  than  screen  size.  A  17-inch  monitor  that  is 
specified  to  display  a  maximum  of  1024  X  768  pixels  is  a  different  price  than  one  that  is 
specified  to  display  1280  X  1024.  To  be  "flicker  free,"  the  vertical  refresh  rate  (the 
number  of  times  per  second  the  screen  is  redrawn)  needs  to  be  85  Hz  or  better. 
Screens  that  deliver  1024  X  768  at  60  Hz  will  exhibit  flicker  and  often  cause  eyestrain. 
Since  the  screen  is  the  major  component  for  the  user,  specify  more  than  just  screen 
size. 


Tips   

 —J 

•  While  the  monitor  currently  is  attached  via  a  special  cable,  new  monitors  (and 
speakers)  will  make  use  of  the  USB  port  coming  with  the  newer  motherboards.  This 
is  an  important  trend  to  keep  in  mind  when  purchasing  equipment.  Consider 
monitors  that  have  a  USB  option. 

•  If  the  graphics  card  can  display  1 600  X  1 200  and  the  monitor  1 024  X  768,  then  all 
the  user  will  ever  see  is  1024  X  768.  Monitors  of  lower  standards  can  be  attached  to 
higher-end  graphics  cards,  but  will  be  able  to  display  only  to  their  own  specifications. 

•  USB  has  a  burst  throughput  of  1 2  Mbps. 

•  Always  specify  requirements  in  size  of  screen,  pixel  depth,  and  refresh  rates.  For 
example,  17  inch— 1024  X  768  at  24  bit  and  85  Hz. 

•  Screen  size  is  important.  A  1 9-inch  screen  is  not  just  two  inches  larger  than  a  1 7- 
inch  screen.  It  has  28  per  cent  more  viewing  area. 
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Since  graphics  cards  are  changing  rapidly,  this  report  deals  with  only  a  subset  of  the 
issues.  The  amount  of  graphics  memory  can  be  derived  easily  (Table  15),  depending  on 
requirements.  For  flexibility,  the  graphics  card  should  be  able  to  add  memory  as 
requirements  change. 


Resolution 

16  colour 

256  colour 

65,000 

16.7  M 

4  bit 

8  bit 

colour 

24  bit 

MB 

MB 

16  bit 

MB 

MB 

640  X  480 

0.5 

0.5 

1 

2 

800  X  600 

0.5 

1 

2 

2 

1024X768 

1 

1 

2 

2 

1 280 X 1024 

1 

2 

4 

4 

1 600 X 1200 

2 

2 

4 

8 

1800X  1440 

2 

4 

8 

8 

TABLE  15:  GRAPHIC  RAM  REQUIREMENTS 


Graphic  performance,  which  is  more  difficult  to  quantify,  is  perhaps  the  most  rapidly 
changing  subsystem  in  a  computer.  Assuming  a  PCI  bus  card,  the  CPU  must  take  its 
graphic  output  from  memory  and  send  it  to  the  graphics  card  via  the  PCI  bus.  The 
graphics  card  then  converts  the  digital  information  back  to  analog  and  sends  this  to  the 
monitor,  which  in  turn  displays  the  information  on  the  screen.  Moving  a  window  on  the 
screen  therefore  becomes  a  CPU-intensive  task. 

In  moving  identical  windows  on  a  variety  of  computers — a  Pentium  II  with  a  good 
graphics  card,  a  PentiumPro,  a  Pentium  with  and  without  MMX,  an  older  Macintosh  like 
an  LC575,  and  a  new  G3-based  Macintosh — the  impact  of  limiting  factors  of  CPU  clock 
speed,  bus  speed,  bus  data  path,  etc.,  will  quickly  become  obvious. 

New  graphics  cards  are  now  on  the  market  and  new  3D  graphics  cards  are  becoming 
more  common.  A  comparison  of  three  graphics  cards  (Table  16)  illustrates  the 
increased  complexity  of  graphics  subsystems  and  the  lack  of  easily  obtained  detailed 
information. 
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Graphics  Cards 

Millenium  11 

GLoria-L  3D 

Fire  GL  4000 

Acceleration 

2D  GUI,  250  MHz 
RAMDAC 

IBM  RGB526DB 
200  MHz 

Tl  TVP3026  220 
MHz 

2D3D  Controller 

Evans  and 

OUUIdlClllU  OlJiiKJ 

\/r^A  Pontrnllor 

P.irri  ic  RAAf^ 

Ivlcl  1  lUi  y 

WRAM 
vv  nrMvi 

VRAM 
DRAM 

'^^RA^yl 

OL-TirAIVI, 

CDRAM 

nnntrnllpr 

III  v./ 1 1  ^  1 

MGA  2164W 

Bus  Type 

PCI 

RAMDAC  MHz 

250 

Maximum  Memory  MB 

16 

16 

Memory  Speed 

50  ns 

60  ns  VRAM,  50ns 
DRAM  (GLINT) 

10ns3DRAM,  15 
ns  CDRAM  (3DPro) 

Data  Path 

64-bit 

64-bit 

64-bit 

Controller  Clock  Speed  MHz 

66 

50 

70 

Maximum  Vertical  Refresh  Rate 
Hz 

200 

200 

120 

Maximum  Horizontal  Scan  Rate 
KHz 

114 

Maximum  Pixel  Rate  MHz 

250 

200 

200 

Random  10-Pixel  Solid  Lines 
(K/s) 

310 

1250 

6000 

Filled  25-Pixel  Triangles  (K/s) 

140 

500 

2000 

TABLE  16:  COMPARISON  OF  NEWER  GRAPHICS  CARDS 


The  WinBench98  suite  attempts  to  quantify  graphic  performance  and  therefore  give  the 
user  a  few  metrics  to  use  instead  of  a  longer  list  of  detailed  parameters.  These  include 
the  WinBench98/Business  Graphics  WinMark98  and  WinBench98/High-End  Graphics 
WinMark98. 

A  recent  significant  development  in  graphics  is  the  accelerated  graphics  port  (AGP)  first 
implemented  with  the  Intel  440LX  chipset.  Recognizing  that  the  PCI  was  getting 
congested  by  ever-increasing  graphics  traffic,  Intel  decided  to  move  the  graphics  traffic 
to  a  dedicated  point-to-point  channel  between  the  graphics  controller  and  the  system 
chip  set.  AGP  frees  up  the  PCI  bus  for  other  tasks  such  as  I/O  to  the  disk  and  network. 

The  66-MHz  PCI  bus  has  a  capacity  of  133  MBps.  AGP-2x  will  deliver  533  MBps  and 
AGP-4X  (1999)  will  deliver  greater  than  one  GBps.  This  greatly  increased  graphics 
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transfer  rate  is  starting  to  be  matched  by  faster  graphics  engines  on  the  AGP  graphics 
cards. 


For  more  information  on  AGP:  <http://www.intel.com/technoloqv/aqp/> 

One  of  the  "hot"  new  graphics  engines  is  the  RIVA128  chip  from  nVidea  rated  at  five 
giga  floating  points  operations  per  second  (GFLOPS)  floating  point  setup  engine  and 
fifteen  billion  operations  per  second  (BOPS)  integer  pixel  engine.  Another  metric  is  five 
million  triangles  per  second  and  100  million  pixels  per  second.  There  is  not  much  point 
in  having  AGP  without  a  faster  graphics  processor. 

AGP  will  be  supported  in  NT  5.0  and  Windows98.  It  appears  that  there  are  no 
equivalent  developments  similar  to  AGP  in  the  Macintosh  environment. 

In  April  1998,  computers  with  the  Intel  BX  chipset  began  shipping.  This  chipset,  which 
supports  a  bus  speed  of  100  MHz,  will  have  a  significant  impact  on  performance, 
particularly  for  high  traffic  areas  such  as  servers. 


Most  users  will  not  require  the  capacity  of  AGP-type  developments  except  for  high-end 
applications  or  virtual  reality  (VRML).  (VRML  simulations  will  increasingly  become 
available  in  education.)  Flexibility  is  the  issue  for  education  users.  If  it  is  anticipated  that 
applications  such  as  VRML  will  be  a  reality  in  the  life  of  the  computer  (three  to  seven 
years),  then  AGP  may  be  worth  looking  at. 


Useful  Sites 

Some  common  graphic  sites: 
Matrox  <http://www.matrox.com/> 
S3  <http://www.s3.com/> 
Cirrus  Logic  <http://www.cirrus.com/> 
ATI  <http://www.atitech.com/> 

NVidea  <http://www.nvidia.com/products/frames  overview. htm l> 


MOTHERBOARDS 

The  school  micro  is  no  longer  a  stand-alone  entity.  Since  support  is  part  of  the  long- 
term  cost  of  ownership,  the  following  specifications  should  be  required  in  any  new 
computer: 

•    DMI  2.0  compliance.  "Compliant"  is  different  from  "compatible."  DMI  permits 
remote  monitoring  as  well  as  inventory  of  system  components. 
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•  32-bit  service  layer.  If  a  network  management  package  (e.g.,  HP's  Open  View)  is 
to  be  managed  remotely,  there  must  be  a  32-bit  service  layer  that  arbitrates 
access  and  manages  the  PC's  MIF  database  (should  come  with  DMI  2.0). 

•  MIF  browser.  A  management  information  file  browser  allows  queries  for 
hardware  and  software  information.  Many  MIF  browsers  are  proprietary,  but 
there  are  some  emerging  standards. 

•  Wake  on  LAN.  A  newly  emerging  capability  will  permit  network  administrators  to 
remotely  "power  up"  a  computer  and  update  files,  monitor  assets  and  inventory. 

Alberta  Education  has  asked  jurisdictions  for  computer  inventory  reports  in  the  past. 
Maintaining  current  inventory  lists  are  a  chronic  problem  since  computers  are  moved, 
new  ones  acquired,  different  versions  of  software  are  installed,  and  so  on.  Couple  this 
with  recent  changes  to  Canadian  copyright  law,  and  maintaining  inventory  becomes  a 
significant  management  issue  for  schools  and  jurisdictions.  "Wake  on  LAN"  and  DMI  are 
some  of  the  technologies  that  will  ease  the  burden  of  keeping  inventory  by  making  it 
interactive. 


Network  Tool 


LANDesk  Management  (LDMS)  from  Intel  is  one. of  an  emerging  set  of  tools  for 
hardware/software  metering,  remote  control,  software  distribution,  and  virus  scanning. 
LANDesk,  designed  to  run  on  NT  Server,  supports  Windows  3.x,  Windows  95,  Windows 
NT,  Macintosh,  and  OS/2  clients. 


Software  can  be  sent  to  client  PCs  via  push  (sends  an  update  at  log-on  or  at  a 
scheduled  time),  forced  push  (user  can  not  cancel  update),  and  pull  (user  requests 
software  from  server).  These  features  are  useful  when  new  versions  of  software  (e.g., 
Excel)  are  to  be  installed.  Automating  this  process  will  make  support  easier. 

Providing  cost  justification  for  some  of  this  newer  technology  becomes  easier  when  the 
long-term  cost  of  ownership  is  used.  Assume  it  takes  a  technician  one  hour  plus  travel 
to  install  a  software  upgrade  (for  illustration,  assume  $30  per  hour).  Experience 
indicates  that  each  software  package  is  upgraded  every  one  to  two  years  (assume  two 
years).  If  there  are  typically  three  to  five  applications  running  on  each  computer 
(assume  five),  there  would  be  estimated  costs  of  $150  per  computer  (five  applications  at 
$30  each)  every  two  years,  or  $75  per  year.  If  a  computer  is  used  for  five  years,  the 
software  update  costs  are  $375.  Ignoring  personnel  limitations  (a  significant  issue  for 
most  school  jurisdictions),  any  software  package  that  would  reduce  costs  by  $375  per 
computer  over  five  years  would  be  a  cost-effective  solution. 
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Holistic  Costs 


"Long-term  or  total  cost  of  ownership"  is  a  key  mindset  for  schools  and  jurisdictions  that 
must  be  considered  in  planning  for  computer  purchases.  Unfortunately,  capital 
purchases  often  are  in  decentralized  school  budgets  and  support  costs  in  other  budgets. 
This  accounting  reality  inhibits  true  cost  minimization. 


LAYERS  AND  COMPUTER  PERFORMANCE  SUMMARY 

For  most  computer  purchases,  lowest  price  and  fastest  clock  are  the  major  criteria. 
Computers  are  compared  on  the  basis  of  little  more  than,  "Both  have  4.5-GB  drives." 
Little  thought  is  given  to  performance,  transfer  rates,  and  so  on.  Sometimes  a  faster 
CPU  with  a  slower  drive  will  actually  perform  at  a  lower  level  than  one  with  a  faster  drive. 
A  motherboard  with  the  graphics  chip  attached  will  be  more  inexpensive  than  one  with  it 
on  a  card. 

What  is  given  up  is  flexibility.  If  a  school  purchases  computers  with  graphics  on  the 
motherboard  at  800  X  600  pixels  or  1024  X  768  pixels,  these  can  not  be  upgraded  later 
to  higher  levels  such  as  1280  X  1024  when  the  school  wants  to  have  more  on  the 
screen.  To  illustrate  this  point,  think  about  the  new  multimedia  world  that  students  are 
moving  into  with  MPEG  video  and  DVD.  Since  schools  often  have  to  keep  computer 
equipment  for  many  years,  flexibility  of  upgrades  should  be  an  important  criterion  along 
with  price  and  clock  speed. 


Forecast  | 

s  

Students  will  increasingly  use  multimedia — which  impacts  both  graphics  and  disk 
subsystems — in  the  classroom. 

Schools  can  use  various  tools  and  metrics  to  quantify  CPU  speeds,  disk  performance, 
network  interface  performance,  and  so  on  in  order  to  quantify  purchasing  decisions,  and 
provide  networks  that  perform  better  and  retain  longer-term  flexibility. 
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SUMMARY 


In  future,  even  a  small  school  is  likely  to  have  many  servers  in  a  quite  complex 
environment.  However,  many  schools  do  not  have  the  time,  staff,  or  expertise  to  support 
the  emerging  technology.  Site-based  decision  making  often  has  resulted  in  decisions  for 
technology  and  support  decentralized  to  the  school  that  will  likely  be  inappropriate  in  the 
near-term  future.  While  this  approach  gives  schools  flexibility,  it  often  does  not  address 
equity  and  causes  short-term  technology  decisions. 


Suggested  Strategies 

•  Network  LANs  and  WAN  should  be  the  responsibility  of  the  school  jurisdiction. 

•  All  computer  and- network  purchases  should  be  co-ordinated  centrally  within 
jurisdictions. 

....  .  ' 

From  a  user's  point  of  view,  performance  includes  the  various  subsystems,  LAN  devices, 
and  WAN  connections.  It  is  an  end-to-end  issue.  For  adequate  long-term  performance, 
the  overall  architecture  must  include  all  aspects  of  the  network. 
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The  source  for  this  glossary  is  the  site  PCWebopedia  <http://www.pcwebopedia.com>. 
Some  of  the  entries  have  been  adapted  for  the  purpose  of  this  document. 


ACK  Packet 


Each  time  a  data  packet  is  received  on  the  network  an  acknowledgment 
packet  is  sent  back  to  verify  that  the  packet  was  received. 


AGP 


Short  for  Accelerated  Graphics  Port,  a  new  interface  specification  developed 
by  Intel  Corporation.  AGP  is  based  on  PCI,  but  is  designed  especially  for  the 
throughput  demands  of  3-D  graphics.  Various  levels  of  data  transfer  rates  are 
offered:  1X  is  266  MBps,  2X  is  533  MBps;  and  4X  provides  1.07  GBps. 


ANSI 


Acronym  for  the  American  National  Standards  Institute.  Founded  in  1918, 
ANSI  is  a  voluntary  organization  composed  of  over  1300  members  (including 
all  the  large  computer  companies)  that  creates  standards  for  the  computer 
industry. 


ATA 


Short  for  Advanced  Technology  Attachment,  a  disk  drive  implementation  that 
integrates  the  controller  on  the  disk  drive  itself. 


Average  Access  The  sum  of  the  Average  Seek  Time  and  Average  Latency.  It  typically 
Time  represents  the  amount  of  time  it  takes  for  a  drive  to  locate  data. 


Average  Latency 


The  time  the  drive  takes  to  spin  the  platters  until  the  appropriate  portions  of  the 
tracks  are  spinning  under  the  heads. 


Average  Seek  Time 


The  average  time  it  takes  for  a  drive's  read/write  head  to  move  over  the 
platters  to  a  requested  track.  Seek  times  tend  to  decrease  as  disk  capacity 
increases. 


Backbone 


Another  term  for  bus,  the  main  wire  that  connects  nodes  (computers  or 
devices  on  a  network).  The  term  is  often  used  to  describe  the  main  network 
connections  composing  the  Internet. 


Bandwidth 


Bus 


The  amount  of  data  that  can  be  transmitted  in  a  fixed  amount  of  time.  For 
digital  devices,  the  bandwidth  is  usually  expressed  in  bits  per  second  (bps)  or 
bytes  per  second  (Bps).  For  analog  devices,  the  bandwidth  is  expressed  in 
cycles  per  second,  or  Hertz  (Hz). 

In  networking,  a  bus  is  a  central  cable  that  connects  all  devices  on  a  local  area 
network.  It  also  is  called  the  backbone. 


Cache 


Pronounced  cash,  a  special  high-speed  storage  mechanism.  It  can  be  either  a 
reserved  section  of  main  memory  or  an  independent  high-speed  storage 
device. 


Centrex 


Short  for  central  office  exchange  service,  a  new  type  of  PBX  service  in  which 
switching  occurs  at  a  local  telephone  station  instead  of  at  the  company 
premises.  Typically,  the  telephone  company  owns  and  manages  all  the 
communications  equipment  necessary  to  implement  the  PBX  and  then  sells 
various  services  to  the  company. 
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Controller 


A  device  that  controls  the  transfer  of  data  from  a  computer  to  a  device  and  vice 
versa.  For  example,  disk  drives,  display  screens,  keyboards,  and  printers  all 
require  controllers. 


CPU  Short  for  Central  Processing  Unit.  The  CPU  is  simply  the  brain  of  the 

computer. 

CSMA/CD  Short  for  Carrier  Sense  Multiple  Access/Collision  Detection,  a  set  of  rules 

determining  how  network  devices  respond  when  two  devices  attempt  to  use  a 
data  channel  simultaneously  (called  a  collision).  Standard  Ethernet  networks 
use  CSMA/CD.  This  standard  enables  devices  to  detect  a  collision.  After 
detecting  a  collision,  a  device  waits  a  random  delay  time  and  then  attempts  to 
retransmit  the  message. 


Data  Transfer  Rates    The  speed  with  which  data  can  be  transmitted  from  one  device  to  another. 

Data  rates  are  often  measured  in  megabits  (million  bits)  or  megabytes  (million 
bytes)  per  second.  These  are  usually  abbreviated  as  Mbps  and  MBps, 
respectively. 


DMA  Abbreviation  of  Direct  Memory  Access,  a  technique  for  transferring  data  from 

main  memory  to  a  device  without  passing  it  through  the  CPU.  Computers  that 
have  DMA  channels  can  transfer  data  to  and  from  devices  much  more  quickly 
than  computers  without  a  DMA  channel  can.  This  is  useful  for  making  quick 
backups  and  for  real-time  applications. 

DNS  Short  for  Domain  Name  System  (or  Service),  an  Internet  service  that  translates 

domain  names  into  IP  addresses.  Because  domain  names  are  alphabetic, 
they  are  easier  to  remember.  The  Internet  however,  is  really  based  on  IP 
addresses.  Every  time  you  use  a  domain  name,  therefore,  a  DNS  service 
must  translate  the  name  into  the  corresponding  IP  address.  For  example,  the 
domain  name  www.example.com  might  translate  to  198.105.232.4. 


Domain  Name  A  name  that  identifies  one  or  more  IP  addresses.  For  example,  the  domain 

name  microsoft.com  represents  about  a  dozen  IP  addresses. 


DRAM  Pronounced  dee-ram,  DRAM  stands  for  Dynamic  RAM,  a  type  of  memory 

used  in  most  personal  computers. 

DV  Short  for  Digital  Video.  Refers  to  the  capturing,  manipulation  and  storage  of 

video  in  digital  formats. 

ECC  Short  for  Error-Correcting  Code  memory,  a  type  of  memory  that  includes 

special  circuitry  for  testing  the  accuracy  of  data  as  it  passes  in  and  out  of 
memory. 


EDO  RAM  Short  for  Extended  Data  Output  DRAM,  a  type  of  DRAM  that  is  faster  than 

conventional  DRAM. 

EIA  Short  for  Electronic  Industries  Association.  A  trade  association  representing 

the  U.S.  high  technology  community.  It  began  in  1924  as  the  Radio 
Manufacturers  Association.  The  EIA  sponsors  a  number  of  activities  on  behalf 
of  its  members,  including  conferences  and  trade  shows. 
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EIDE  Short  for  Enhanced  IDE,  a  newer  version  of  the  IDE  mass  storage  device 

interface  standard  developed  by  Western  Digital  Corporation.  EIDE  is 
sometimes  referred  to  as  Fast  ATA  or  Fast  IDE,  which  is  essentially  the  same 
standard,  developed  and  promoted  by  Seagate  Technologies.  It  also  is 
sometimes  called  ATA-2. 


Ethernet  A  local  area  network  (LAN)  protocol  developed  by  Xerox  Corporation  in  co- 

operation with  DEC  (Digital  Equipment  Corporation)  and  Intel  in  1976.  It  is  one 
of  the  most  widely  implemented  LAN  standards.  A  newer  version  of  Ethernet, 
called  100Base-T  (or  Fast  Ethernet),  supports  data  transfer  rates  of  100  Mbps 
(Megabits  per  second);  and  the  newest  version,  Gigabit  Ethernet  supports  data 
rates  of  one  gigabit  (1000  megabits)  per  second. 


Filters  (Packet  Controlling  access  to  a  network  by  analyzing  the  incoming  and  outgoing 

Filtering)  packets  and  letting  them  pass  or  halting  them  based  on  the  IP  addresses  of 

the  source  and  destination.  Packet  filtering  is  one  technique,  among  many,  for 

implementing  security  firewalls. 


Firewall  A  system  designed  to  prevent  unauthorized  access  to  or  from  a  private 

network.  Firewalls  can  be  implemented  in  both  hardware  and  software,  or  a 
combination  of  both.  Firewalls  frequently  are  used  to  prevent  unauthorized 
Internet  users  from  accessing  private  networks  connected  to  the  Internet, 
especially  intranets.  All  messages  entering  or  leaving  the  Intranet  pass 
through  the  firewall,  which  examines  each  message  and  blocks  those  that  do 
not  meet  the  specified  security  criteria. 

Firewire  (IEEE  1394)    A  new,  very  fast  external  bus  standard  that  supports  data  transfer  rates  of  up 
to  400  Mbps  (400  million  bits  per  second).  1394  is  ideal  for  devices  that  need 
to  transfer  high  levels  of  data  in  real  time,  such  as  video  devices.  The  main 
difference  between  1394  and  USB  (Universal  Serial  Bus)  is  that  1394  supports 
faster  data  transfer  rates  and  is  more  expensive. 

FTP  Abbreviation  of  File  Transfer  Protocol,  the  protocol  used  on  the  Internet  for 

sending  files. 


Gbps  Short  for  Gigabits  per  second,  a  data  transfer  speed  measurement  for  high- 

speed networks  such  as  Gigabit  Ethernet.  When  used  to  describe  data 
transfer  rates,  a  gigabit  equals  1 ,000,000,000  bits. 

Handshaking  The  establishment  of  a  two-way  communication  process  that  ensures  each 

packet  is  received. 

Head  The  mechanism  that  reads  data  from  or  writes  data  to  a  magnetic  disk  or  tape. 

The  head  is  sometimes  called  a  read/write  head.  Double-sided  floppy  disk 
drives  have  two  heads,  one  for  each  side  of  the  disk.  Hard  disk  drives  have 
many  heads,  usually  two  for  each  platter. 

HDTV  Short  for  High-Definition  Television,  a  new  type  of  television  that  provides 

much  better  resolution  than  current  televisions  based  on  the  NTSC  (National 
Television  Standards  Committee)  standard.  There  are  a  number  of  competing 
HDTV  standards,  which  is  one  reason  that  the  new  technology  has  not  been 
widely  implemented.  All  of  the  standards  support  a  wider  screen  than  NTSC 
and  roughly  twice  the  resolution. 
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Hubs  A  common  connection  point  for  devices  in  a  network.  Hubs  are  commonly 

used  to  connect  segments  of  a  LAN.  A  hub  contains  multiple  ports.  When  a 
packet  arrives  at  one  port,  it  is  copied  to  the  other  ports  so  that  all  segments  of 
the  LAN  can  see  all  packets. 

Hz  Short  for  Hertz.  This  number  represents  the  number  of  cycles  per  second.  It 

often  is  used  to  measure  screen  refreshes. 

IDE  Short  for  Intelligent  Drive  Electronics  or  Integrated  Drive  Electronics, 

depending  on  whom  you  ask.  An  IDE  interface  is  an  interface  for  mass 
storage  devices,  in  which  the  controller,  a  device  that  controls  the  transfer  of 
data  between  one  device  and  another,  is  integrated  into  the  disk  or  CD-ROM 
drive. 

IEEE  Abbreviation  of  Institute  of  Electrical  and  Electronics  Engineers,  pronounced  I- 

triple-E.  Founded  in  1884,  the  IEEE  is  an  organization  composed  of 
engineers,  scientists,  and  students.  The  IEEE  is  best  known  for  developing 
standards  for  the  computer  and  electronics  industry.  In  particular,  the  IEEE 
802  standards  for  local  area  networks  are  widely  followed. 

IMAP  Short  for  Internet  Message  Access  Protocol,  a  protocol  for  retrieving  e-mail 

messages. 

I/O  Short  for  Input/Output,  and  pronounced  eye-oh.  I/O  refers  to  any  operation, 

program,  or  device  whose  purpose  is  to  enter  data  into  a  computer  or  to 
extract  data  from  a  computer. 

IP  Abbreviation  of  Internet  Protocol,  pronounced  as  two  separate  letters.  IP  is 

something  like  the  postal  system.  It  allows  you  to  address  a  package  and  drop 
it  in  the  system,  but  there  is  no  direct  link  between  you  and  the  recipient. 

ISDN  Abbreviation  of  Integrated  Services  Digital  Network,  an  international 

communications  standard  for  sending  voice,  video,  and  data  over  digital 
telephone  lines.  ISDN  requires  special  metal  wires  and  supports  data  transfer 
rates  of  64  Kbps  (64,000  bits  per  second).  Most  ISDN  lines  offered  by 
telephone  companies  give  you  two  lines  at  once,  called  B  channels.  You  can 
use  one  line  for  voice  and  the  other  for  data,  or  you  can  use  both  lines  for  data 
to  give  you  data  rates  of  128  Kbps,  twice  the  data  rate  provided  by  today's 
fastest  modems. 


ISA  Short  for  Industry  Standard  Architecture.  The  bus  architecture  used  in  the  IBM 

PC/XT  and  PC/AT.  It  often  is  abbreviated  as  ISA  (pronounced  as  separate 
letters  or  as  eye-sa)  bus.  The  AT  version  of  the  bus  is  called  the  AT  bus  and 
became  a  de  facto  industry  standard. 

ISP  Short  for  Internet  Service  Provider,  a  company  that  provides  access  to  the 

Internet.  For  a  monthly  fee,  the  service  provider  gives  you  a  software 
package,  username,  password  and  access  phone  number.  Equipped  with  a 
modem,  you  can  then  log  on  to  the  Internet  and  browse  the  World  Wide  Web 
and  send  and  receive  e-mail. 
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KB 


Kbps 


LAN 


Local  Bus 


MAC  Address 


Short  for  KiloByte.  When  used  to  describe  data  storage,  KB  usually 
represents  1024  bytes.  When  used  to  describe  data  transfer  rates,  KB 
represents  1000  bytes. 

Short  for  Kilobits  per  second,  a  measure  of  data  transfer  speed.  Modems,  for 
example,  are  rated  in  Kbps.  Note  that  one  Kbps  is  1000  bits  per  second, 
whereas  a  KB  (kilobyte)  is  1024  bytes.  Technically,  kbps  should  be  spelled 
with  a  lowercase  k  to  indicate  that  it  is  decimal  but  almost  everyone  spells  it 
with  a  capital  K. 

Short  for  Local  Area  Network.  A  computer  network  that  spans  a  relatively 
small  area.  Most  LANs  are  confined  to  a  single  building  or  group  of  buildings. 
Most  LANs  connect  workstations  and  personal  computers.  Each  node 
(individual  computer)  in  a  LAN  has  its  own  CPU  with  which  it  executes 
programs,  but  it  also  is  able  to  access  data  and  devices  anywhere  on  the  LAN. 
This  means  that  many  users  can  share  expensive  devices,  such  as  laser 
printers,  as  well  as  data.  Users  also  can  use  the  LAN  to  communicate  with 
each  other,  by  sending  e-mail  or  engaging  in  chat  sessions. 

A  data  bus  that  connects  directly,  or  almost  directly,  to  the  microprocessor. 
Although  local  buses  can  support  only  a  few  devices,  they  provide  very  fast 
throughput. 

Short  for  Media  Access  Control  address,  a  hardware  address  that  uniquely 
identifies  each  node  of  a  network. 


MB 

Mbps/MBps 

MHz 

MPEG 

NIC 

NT 

Packet 


Short  for  megabyte  (1 ,000,000  or  1 ,048,576  bytes,  depending  on  the  context). 
See  Data  Transfer  Rates. 

Short  for  megahertz.  One  MHz  represents  one  million  cycles  per  second. 

Short  for  Moving  Picture  Experts  Group,  and  pronounced  m-peg,  a  working 
group  of  ISO.  The  term  also  refers  to  the  family  of  digital  video  compression 
standards  and  file  formats  developed  by  the  group.  MPEG  files  can  be 
decoded  by  special  hardware  or  by  software. 

Short  for  Network  Interface  Card.  Often  abbreviated  as  NIC,  an  expansion 
board  you  insert  into  a  computer  so  the  computer  can  be  connected  to  a 
network.  Most  NICs  are  designed  for  a  particular  type  of  network,  protocol, 
and  media,  although  some  can  serve  multiple  networks. 

Short  for  New  Technology.  Usually  used  in  referring  to  Windows  NT,  the  most 
advanced  version  of  Microsoft's  Windows  operating  system. 

A  piece  of  a  message  transmitted  over  a  packet-switching  network.  See  under 
packet  switching.  One  of  the  key  features  of  a  packet  is  that  it  contains  the 
destination  address  in  addition  to  the  data.  In  IP  networks,  packets  are  often 
called  datagrams. 
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Packet  Switching 


Refers  to  protocols  in  which  messages  are  divided  into  packets  before  they  are 
sent.  Each  packet  is  then  transmitted  individually  and  can  even  follow  different 
routes  to  its  destination.  Once  all  the  packets  forming  a  message  arrive  at  the 
destination,  they  are  recompiled  into  the  original  message. 


PBX 


Short  for  Private  Branch  eXchange,  a  private  telephone  network  used  within 
an  enterprise.  Users  of  the  PBX  share  a  certain  number  of  outside  lines  for 
making  telephone  calls  external  to  the  PBX. 


PCI 


Acronym  for  Peripheral  Component  Interconnect,  a  local  bus  standard 
developed  by  Intel  Corporation.  Most  modern  PCs  include  a  PCI  bus  in 
addition  to  a  more  general  ISA  expansion  bus.  Many  analysts,  however, 
believe  that  PCI  will  eventually  supplant  ISA  entirely. 


Performance 
Monitor 


Performance  Monitor  is  provided  with  Windows  NT  and  allows  the  monitoring 
of  Network  Interface  Cards  for  total  traffic,  disk  utilization,  and  CPU  utilization. 


Platter 


A  round  magnetic  plate  that  constitutes  part  of  a  hard  disk.  Hard  disks 
typically  contain  up  to  a  dozen  platters.  Most  platters  require  two  read/write 
heads,  one  for  each  side. 


POP 


Short  for  Post  Office  Protocol,  a  protocol  used  to  retrieve  e-mail  from  a  mail 
server.  Most  e-mail  applications  (sometimes  called  an  e-mail  client)  use  the 
POP  protocol,  although  some  can  use  the  newer  IMAP. 


Proxy 


A  server  that  sits  between  a  client  application,  such  as  a  Web  browser,  and  a 
web  server.  It  intercepts  all  requests  to  the  web  servers  to  see  if  it  can  fulfill 
the  requests  itself.  If  not,  it  forwards  the  request  to  the  real  server. 


RAM 


Short  for  Random  Access  Memory.  RAM  is  volatile,  meaning  that  it  loses  its 
contents  when  the  power  is  turned  off. 


Read/Write  Head 
RealAudio 


See  Head. 

The  de  facto  standard  for  streaming  audio  data  over  the  World  Wide  Web. 
RealAudio  was  developed  by  RealNetworks  and  supports  FM-stereo-quality 
sound.  To  hear  a  Web  page  that  includes  a  RealAudio  sound  file,  you  need  a 
RealAudio  player  or  plug-in,  a  program  that  is  freely  available  from  a  number 
of  places.  It  is  included  in  current  versions  of  both  Netscape  Navigator  and 
Microsoft  Internet  Explorer. 


RMON 
Router 


Short  for  Remote  MONitoring,  a  network  management  protocol  that  allows 
network  information  to  be  gathered  at  a  single  workstation. 

A  device  that  connects  two  LANs.  Routers  are  similar  to  bridges,  but  provide 
additional  functionality,  such  as  the  ability  to  filter  messages  and  forward  them 
to  different  places  based  on  various  criteria. 


RPM 


Short  for  Rotations  Per  Minute.  Used  when  referring  to  hard  disk  drive  units  or 
CD-ROM  drives. 
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SCSI 


SDRAM 


SMTP 


Abbreviation  of  Small  Computer  System  Interface.  Pronounced  scuzzy,  SCSI 
is  a  parallel  interface  standard  for  attaching  peripheral  devices  to  computers 
such  as  disk  drives  and  printers.  SCSI  interfaces  provide  for  faster  data 
transmission  rates  (up  to  80  megabytes  per  second)  than  standard  serial  and 
parallel  ports.  Although  SCSI  is  an  ANSI  standard,  there  are  many  variations 
of  it,  so  two  SCSI  interfaces  may  be  incompatible.  For  example,  SCSI 
supports  several  types  of  connectors. 

The  following  varieties  of  SCSI  are  currently  implemented: 

SCSI-1 :  Uses  an  8-bit  bus,  and  supports  data  rates  of  4  MBps. 

SCSI-2:  Same  as  SCSI-1,  but  uses  a  50-pin  connector  instead  of  a  25-pin 
connector,  and  supports  multiple  devices.  This  is  what  most  people  mean 
when  they  refer  to  plain  SCSI. 

Wide  SCSI:  Uses  a  wider  cable  (168  cable  lines  to  68  pins)  to  support  16- 
bit  transfers. 

Fast  SCSI:  Uses  an  8-bit  bus,  but  doubles  the  clock  rate  to  support  data 
rates  of  10  MBps. 

Fast  Wide  SCSI:  Uses  a  16-bit  bus  and  supports  data  rates  of  20  MBps. 

Ultra  SCSI:  Uses  an  8-bit  bus,  and  supports  data  rates  of  20  MBps. 

SCSI-3:  Uses  a  16-bit  bus  and  supports  data  rates  of  40  MBps.  Also 
called  Ultra  Wide  SCSI. 

Ultra2  SCSI:  Uses  an  8-bit  bus  and  supports  data  rates  of  40  MBps. 
Wide  Ultra2  SCSI:  Uses  a  16-bit  bus  and  supports  data  rates  of  80  MBps. 

Short  for  Synchronous  DRAM,  a  new  type  of  DRAM  that  can  run  at  much 
higher  speed  than  conventional  memory. 

Short  for  Simple  Mail  Transfer  Protocol,  a  protocol  for  sending  e-mail 
messages  between  servers.  Most  e-mail  systems  that  send  mail  over  the 
Internet  use  SMTP  to  send  messages  from  one  server  to  another;  the 
messages  can  then  be  retrieved  with  an  e-mail  client  using  either  POP  or 
IMAP. 


SNMP 


Subnet 


Short  for  Simple  Network  Management  Protocol,  a  set  of  protocols  for 
managing  complex  networks.  The  first  versions  of  SNMP  were  developed  in 
the  early  1980s.  SNMP  works  by  sending  messages,  called  protocol  data 
units  (PDUs),  to  different  parts  of  a  network.  SNMP-compliant  devices,  called 
agents,  store  data  about  themselves  in  Management  Information  Bases  and 
return  this  data  to  the  SNMP  requesters. 

A  portion  of  a  network  that  shares  a  common  address  component.  On  TCP/IP 
networks,  subnets  are  defined  as  all  devices  whose  IP  addresses  have  the 
same  prefix.  For  example,  all  devices  with  IP  addresses  that  start  with 
1 00. 1 00. 1 00  would  be  part  of  the  same  subnet.  Dividing  a  network  into 
subnets  is  useful  for  both  security  and  performance  reasons. 
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Switches  In  networks,  a  device  that  filters  and  forwards  packets  between  LAN 

segments.  Switches  operate  at  the  data  link  layer  (layer  2)  of  the  OSI  (Open 
System  Interconnection)  Reference  Model  and  therefore  support  any  packet 
protocol.  LANs  that  use  switches  to  join  segments  are  called  switched  LANs 
or,  in  the  case  of  Ethernet  networks,  switched  Ethernet  LANs.  See  also 
Packet  Switching. 

T1  A  dedicated  phone  connection  supporting  data  rates  of  1 .544  Mbps.  A  T-1  line 

actually  consists  of  24  individual  channels,  each  of  which  supports  64  Kbps. 
Each  64-Kbps  channel  can  be  configured  to  carry  voice  or  data  traffic.  Most 
telephone  companies  allow  you  to  buy  some  of  these  individual  channels, 
known  as  fractional  T-1  access. 


TCP/IP  Most  networks  combine  /Pwith  a  higher-level  protocol  called  Transport  Control 

Protocol  (TCP).  Different  from  just  IP,  TCP/IP  establishes  a  connection 
between  two  hosts  so  that  they  can  send  messages  back  and  forth  for  a  period 
of  time. 


Track  A  ring  on  a  disk  where  data  can  be  written.  A  typical  floppy  disk  has  80 

(double-density)  or  160  (high-density)  tracks.  For  hard  disks,  each  platter  is 
divided  into  tracks,  and  a  single-track  location  that  cuts  through  all  platters 
(and  both  sides  of  each  platter)  is  called  a  cylinder.  Hard  disks  have  many 
thousands  of  cylinders.  Each  track  is  further  divided  into  a  number  of  sectors. 
The  operating  system  and  disk  drive  remember  where  information  is  stored  by 
noting  its  track  and  sector  numbers. 

USB  Short  for  Universal  Serial  Bus,  a  new  external  bus  standard  that  supports  data 

transfer  rates  of  12  Mbps  (12  million  bits  per  second).  A  single  USB  port  can 
be  used  to  connect  up  to  127  peripheral  devices,  such  as  mice,  modems,  and 
keyboards.  USB  also  supports  Plug-and-Play  installation  and  hot  plugging. 

UTP  Short  for  Unshielded  Twisted  Pair,  a  popular  type  of  cable  that  consists  of  two 

unshielded  wires  twisted  around  each  other.  Due  to  its  low  cost,  UTP  cabling 
is  used  extensively  for  local  area  networks  (LANs)  and  telephone  connections. 
UTP  cabling  does  not  offer  as  high  bandwidth  or  as  good  protection  from 
interference  as  co-axial  or  fiber  optic  cables,  but  it  is  less  expensive  and  easier 
to  work  with. 


VRAM  Short  for  video  RAM,  and  pronounced  vee-ram.  VRAM  is  special-purpose 

memory  used  by  video  adapters. 

VRML  Pronounced  ver-mal,  and  short  for  Virtual  Reality  Modeling  Language,  VRML 

is  a  specification  for  displaying  three-dimensional  objects  on  the  World  Wide 
Web. 


WAN  Short  for  Wide  Area  Network.  A  computer  network  that  spans  a  relatively 

large  geographical  area.  Typically,  a  WAN  consists  of  two  or  more  local  area 
networks  (LANs). 

WRAM  Short  for  Windows  RAM,  a  type  of  RAM  developed  by  Samsung  Electronics 

that  supports  two  ports.  This  enables  a  video  adapter  to  fetch  the  contents  of 
memory  for  display  at  the  same  time  that  new  bytes  are  being  put  into 
memory. 
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xDSL  Refers  collectively  to  all  types  of  Digital  Subscriber  Lines,  the  two  main 

categories  being  ADSL  (asynchronous)  and  SDSL  (synchronous).  Two  other 
types  of  xDSL  technologies  are  High-data-rate  DSL  (HDSL)  and  Single-line 
DSL  (SDSL  also).  xDSL  is  similar  to  ISDN  in  as  much  as  both  operate  over 
existing  copper  telephone  lines  and  both  require  short  runs  to  a  central 
telephone  office  (usually  less  than  20,000  feet).  However,  xDSL  offers  much 
higher  speeds. 
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APPENDIX  A 
USEFUL  LINKS 


GENERAL 

Alberta  Education  listserver  <edc-techplanqroup@qov.ab.ca> 

Alberta  Education  web  site  <http://ednet.edc.qov.ab.ca> 

Calgary  Public  School  District  Wiring  Standards  <http://www.cbe.ab.ca> 

Technology  Implementation  Review:  Grande  Yellowhead  Regional  Division  No.  35/Wolf 
Creek  Regional  Division  No.  32  <http://ednet.edc.qov.ab.ca/technoloqv/> 


TECHNOLOGY 

Adaptec's 
ThreadMark  2.0 

AGP 

Aperture 

ATI 

Cirrus  Logic 

CU-SeeMe 

IBM 

Matrox 

NetMedic 

PC  standards 

Quantum 
RealAudio 


<http://www.adaptec.com> 

<http://www.intel.com/technoloqv/aqp/> 

<http://www.aperture.com/> 

<http://www.atitech.com/> 

<http://www.cirrus.com/> 

<  http://www.wpine.com/> 

<http://www.storaqe.ibm.com. :8Q/storaqe/hardsoft/diskdrdl.htm> 

<http://www.matrox.com/> 

<http://www.vitalsiqns.com> 

<http://www.microsoft.com/hwdev/desquid/>  and 
<http://developer.intel.com/desiqn/pc98/> 

<http://www.quantum.com/> 

<http://www.realaudio.com/> 


RMON  Technically  Elite<http://www.tecelite.com> 


S3 

Seagate 
SPEC  CPU95 
Surf  watch 
WebSense 
Western  Digital 
Ziff-Davis  CPUmark, 


<http://www.s3.com/> 

<http://www.seaqate.com/> 

<http://www.specbench.orq> 

<  htt  p  ://ww  w  1 .  s  u  rf  watch  .com/home/> 

<http://www.websense.com/> 

<http://www.wdc.com/> 

<http://www.zdbop.com> 
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APPENDIX  B 
ALBERTA  EDUCATION  WEB  SITE  HOME  PAGE 


in D:\WINNT\ProfilesVJim  Ward\Desklop\homepage 

H-I°|x| 

File   Edit  View  IHelp 

i  homepage 

©1  ^1  xl^l 

Name 

1 





i"}  UUInCU 

Q  6  ipg 

jND 

lnn3jZ|6  Expert  Picture 

Hf  1  /  -JO  '-'.□0  H"'" 

A  i 

;^"|  acrobat.gif 

Ik'R 

1  KD 

GIF  Irnspe 

H"^  1  /aO  3.U  \  HI'" 

S  addupcomingevent.ipg 

Imsci^  Expert  Picture 

i/1  /Qo  q.ni  Au 

^•'lAi  alKarha^A^^h  nil* 

:  jII  alDcr(d(c>.l.L|ir 

9  k' R 

Liir  inidyc 

*r/  1  /  CO  -J.U  1  Ml"l 

bphve.jpg 

7KB 

liTi^cie  Expert  Picture 

\^  darkblueline.html 

1KB 

Internet  Document ... 

8/19/97  9:14  AM 

A 

L^j  J.f-,  ,|L    .  .._ 

1 1fR 

1  IXD 

MDr  nie 

1 1  .'R.'Q7  jl-n^  PM 

A 

n  DIPL0MAEX4M.JPG 

5KB 

Image  Expert  Picture 

4/1  ,.'98  8; 38  AM 

A 

GRADIENTYELLOW.GIF 

1KB 

GIF  Image 

4/1/98  10:15AM 

A 

1  [^homepage,  asp 

4KB 

ASP  File 

4/1/98  10:20  AM 

A 

i«]  Lineblue.gif 

1KB 

GIF  Image 

3/31/98  9:10  AM 

A 

1  i»]  Rightbar.gif 

23KB 

GIF  Image 

4/1/98  8:57  AM 

A 

i  ^  rndbutton.gif 

1KB 

GIF  Image 

4/1/98  9:01  AM 

A 

i  ^sections.asp 

2KB 

ASP  File 

10/10/97  7:47  AM 

A  i 

i«]  tabhighlights.gif 

1KB 

GIF  Image 

4/1/98  9:01  AM 

A 

[^titlebar.asp 

1KB 

ASP  File 

3/16/98  2:41  PM 

A 

£J  Topie.jpg 

9KB 

Image  Expert  Picture 

4/1 /9811:35  AM 

A 

WHITETDBLUE.GIF 

1KB 

GIF  Image 

4/1/98  10:18AM 

A  i 

ISobjectW 

61.3KB 

FIGURE  26:  ALBERTA  EDUCATION  WEB  SITE  HOME  PAGE  FILE  SIZES 


The  Alberta  Education  web  site  has  the  following  structure: 
<http://ednet.edc.qov.ab.ca/> 

•  Frame:  <http://ednet.edc.qov.ab.ca/titlebar.asp> 

Background  Image:  <http://ednet.edc.qov.ab. ca/qraphics/titlebar/5.ipq> 
Image:  <http://ednet.edc.qov.ab.ca/riqhtbar.qif> 

•  Frame:  <http://ednet.edc.qov.ab.ca/darkblueline.html> 

•  Frame:  <http://ednet.edc.qov.ab.ca/sections.asp> 

Background  Image:  <http://ednet.edc.qov.ab.ca/qradientvellow.qif> 
Image:  <http://ednet.edc.qov.ab.ca/imaqes/lineblue.qif> 
Image:  <http://ednet.edc.qov.ab.ca/imaqes/lineblue.qif> 
Image:  <http://ednet.edc.qov.ab.ca/imaqes/lineblue.qif> 
Image:  <http://ednet.edc.qov.ab.ca/imaqes/lineblue.qif> 
Image:  <http://ednet.edc.qov.ab.ca/imaqes/lineblue.qif> 

•  Frame:  <http://ednet.edc.qov.ab.ca/homepaqe.asp> 

Image:  <http://ednet.edc.qov.ab.ca/imaqes/tabhiqhliqhts.qif> 
Image:  <http://ednet.edc.qov.ab.ca/lineblue.qif> 
Image:  <http://ednet.edc.qov.ab.ca/features/topie.ipq> 
Image:  <http://ednet.edc.qov.ab.ca/features/bpfive.ipq> 
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Image:  <http://ednet.edc.gov.ab.ca/features/addupcominqevent.ipq> 
Image:  <http://ednet.edc.qov.ab.ca/acrobat.qif> 
Image:  <http://ednet.edc.qov.ab.ca/qraphics/rndbutton.qif> 
Image:  <http://ednet.edc.qov.ab.ca/qraphics/rndbutton.qif> 
Image:  <http://ednet.edc.qov.ab.ca/qraphics/rndbutton.qif> 
•    Frame:  <http://ednet.edc.qov.ab.ca/search.html> 

Background  Image:  <http://ednet.edc.qov.ab.ca/imaqes/whitetoblue.qifForm  1  :> 
Action  URL:  <http://ednet.edc.qov.ab.ca/search/querv.idq> 
Encoding:  application/x-www-form-urlencoded  (default) 
Method:  Get 

Image:  <http://ednet.edc.qov.ab.ca/qraphics/albertatext.qif> 
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NETMEDIC  OUTPUT 


File  Vtew  Wmcksvv  Help 


'i^  Netscape  -  IZDNel] 


Fib    Edit   View   go   Bookn).3(ks    Options    Diiec-tory   Window  Help 


>  j 

y  1    ®:  \ 

1      1  B  1 

•  1 

Back  j 

Edit    1     Reload  ] 

Opsn   1   Prmt  FiiKi 

Sfx.f.  j 

?l!  Location:  IhttD  .•■'/www  zdnel  corri/ 

'whjt'sCooP   [    DestinatiDri-s  |  Net  Search  :|     People    |   £jft'j»ate  [ 


et 


METW<KR    3111       AVC.  IMTt 


Maximum  Rnver. 


Wednesday,  Januaiy  14 


Build  a  virtual  office 

Need  a  quick  way  lo  connect  your  far-flung 
colleagues  ?  PC  iVIagazine  \es\ed  seven  products 
that  provide  many  of  the  features  of  enterprise 
groupware  -  without  an  IS  department.  Find  out 
which  got  the  Editor's  Choice.  ► 

New  Tillamook  Portabies 

Some  might  call  them  screamers  A  new  crop  of 
notebooks  using  Intel's  266  Mhz  Pentium  with 
MMX  Is  out,  and  we  have  what  you  need  to  know. 
Start  with  Computer  Shopper's  sneak  peek,  then  • 
check  out  PC  Msgazme  and  PC  Week  for  their 
latest  reviews. 


Best  tips  of  the  year 
Start  the  new  year  off  right  with  the  Help  Channel's 
best  tips  of  the  yeai  Fiorn  srn.3i1pr  surfing  to 
jE/jSiJ  lOocunent  Done 


breaking  news 

L3st  updated  January  14.  19 
03:23:19  PM  PT 

»  llk-r  Oi  L2J_ 


jji  iii^dM  ^dinnl 
■-'enge  of  Ihe  nerds 


Free  software  ha 


|||Stan[    ^^"J^^      IjEi^  I  ^au$e(M  j  gf  Mtaos...  {[^Nets...    gS^FhiCla.,]  ^Micio$...]  AjCalend..[  4»^■tet.M...  j  i^?feos.. 

FIGURE  27:  NETMEDIC  WEB  PAGE 
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NeLMedic 


File  View  Window  Help 


ze:  10.4  kilobytes  Health  Log:  [netcom.net  experier 


:  Transteiring  data. 


SPtEOOMiT  i'eii 


Tl»  METWO«K    SITS       ASfG.  RATE 


CPU  LOAD    ^CACNE  HITS : 


]x    2x    3x     4x    ^  26.4fefe£S__. 
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........Illll  II 


TIUWFfIC  ^PE/4KSPIE 


DCLA'T  LOAD        WTHROliCH^Ur  ■ 


00:00  00:00  00:0 


SIfSSIOff  TOOAV 


Pj1ru'  ivport%  cm  yaiir  Intvmvt 
pc'yhrmsince  iiicludwg  yam 
ISP's  sc'j-virr  Sc%vi%. 

Checi.  (hp  wid!  aif^m  ufyour 
i\nwn'  ^^Jff'fY^rr  pH!h  inifi 
Net.Mvdtc  '.s  an!fijaJed 
rrirj-  k'j-  rr  id  ovr  a  icvt. 


Iride?  each  Wbb  pagp  's 
miieval  Umc  m  deiermh\e  U 
dt  feys  an'  cumvd  by  ahe  twi- 
m:<rk  or  (Iw  sen't^r  (W(?b  sUej. 


Monitor  Bird  upihnm>  the  cmiine 
pciiarmance  of  your  PC. 


Optimi/^  your  modmu  s  cam- 
pwssi(m  and  em\r-cht>cking 
perfarmmjce  to  speed 
VA'b  pagp  rBmpvsi 

Track  trstllc  k'vek,  dclBys,  and 
the  twemll  health  o/yoiij- 
JSP  s  perhirmance. 


holatp  network  prohJerns  fo  itie 
hiiermt  buckbtma. 


imweMnce,  inrhidmg  Vibb  appU- 
ration  ffflTP)  respome  imw. 


Tr.^ck  vimr  anual  onhnv  iimv  to 
vnsiirf  pi-oppr  biUtn^. 


FIGURE  28:  NETMEDIC  PANEL 
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HP  OPENVIEW 


FIGURE  29:  ELK  ISLAND  INTERNET  TRAFFIC— 1  WEEK 


FIGURE  30:  ELK  ISLAND  INTERNET  TRAFFIC— 1  DAY 
(EXPANDED  FROM  PREVIOUS) 
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AGNPAC  ANALYSIS 


UTILIZA TION  STA TS  FOR  THE  AGNpac  FRAME  RELA  Y 
CIRCUIT  FOR  THE  SUMMITVIEW  SCHOOL  IN  GRANDE  CACHE 
(January  5  to  January  8,  1998) 
(SPEED  =  128  Kbps) 
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FIGURE  31:  GRANDE  CACHE  FRAME  RELAY  CIRCUIT  UTILIZATION 


NETWORK  DESIGN 


APPENDIX  E  93 


94    NETWORK  DESIGN 


APPENDIX  F 

TECHNICALLY  ELITE  RMON  PROBE  MWARE  SOFTWARE 


File  Boiling  lable 
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FIGURE  32:  NETWORK  UTILIZATION  IN  PPS  AND  PERCENTAGE 
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FIREWALL-1  ANALYSIS 


Enabling  Accounting  summarizes  all  network  sessions.  This  data  can  be  downloaded 
via  a  text  file  to  Access  or  Excel  (depending  upon  size)  for  further  analysis. 
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FIGURE  36:  FIREWALL-1  LOG  FILE  (SOURCE  IP  SUPPRESSED) 
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FIGURE  37:  FIREWALL-1  ACTIVE  SESSIONS  (SOURCE  IP  SUPPRESSED) 
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ETHERNET  PACKET 


Packet  #1 

Flags:  0x00 
Status:  0x00 
Packet  Length:  146 

Timestamp:    14:12:29.820935  02/04/1998 
Ethernet  Header 

Destination:  00:e0:b0:63:b3:eb 

Source:      00:60:08:a3:1 1  :bd 

Protocol  Type :0x0800  IP 
IP  Header  -  Internet  Protocol  Datagram 

Version:  4 

Header  Length:  5 

Precedence:  0 

Type  ot  Service:  %000 

Unused:  %00 

Total  Length:  128 

Identifier:  39509 

Fragmentation  Flags:  %000 

Fragment  Offset:  0 

Time  To  Live:  128 

IP  Type:  0x01  ICMP 

Header  Checksum:  0x7338 

Source  IP  Address:  142.60.253.6 

Dest.  IP  Address:  142.229.18.199 

No  Internet  Datagram  Options 
ICMP  -  Internet  Control  Messages  Protocol 

ICMP  Type:  8  Echo  Request 

Code:  0 

Checksum:  0x08e3 

Identifier:  0x0100 

Sequence  Number:  26649 

ICMP  Data  Area: 

iG0B,l:M#?_03|l'J  a1  47  18  42  2c  49  3a  4d  23  3f  5f  51  33  7c  cd  4a 
±VD]OWDWDw'^)>MD+  b1  56  1  e  5d  fc  57  9e  57  f8  77  5e  29  3e  4d  1  c  2b 
OD30t|&jbO""EnOO  f7  1f  33  15  87  7c  26  6a  62  Oc  93  22  c8  6e  7f  Od 
DXgOD7|DOKOO¥aOE  44  58  67  30  1 4  37  7c  Oc  e9  4b  e3  1  a  a5  61  00  20 
DC06ETM0S-V0DMK  fb  63  13  36  20  54  aa  31  eb  53  b7  56  19  03  4d  4b 
'DQ]0Ei00h|w')8]  92  07  51  5d  da  20  a1  la  19  68  7c  77  60  29  38  5d 
OhDO  16  68  7f0b 

Frame  Check  Sequence:  0x2746cf98 

FIGURE  38:  ETHERNET  PACKET 
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JURISDICTION  DOCUMENTATION 


FIGURE  39:  SCHOOL  DIAGRAM 
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FIGURE  40:  EIPS  DIAGRAM 
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FIGURE  41:  DETAILED  INFRASTRUCTURE  RECORDS 
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APPENDIX  K 
RELATED  ALBERTA  EDUCATION  RESOURCES 


Computer  Network  Security:  Best  Practices  for  Alberta  School  Jurisdictions  (1 999). 

Developing  A  Three-Year  Technology  Integration  Plan:  A  Resource  for  School 
Jurisdictions  (1 998). 

FOiPP  and  Technology:  Best  Practices  for  Alberta  School  Jurisdictions  (1 999). 

FOIPP  and  Technology  Highlights:  Best  Practices  for  Alberta  School  Jurisdictions 
(1999). 

Implementing  and  Managing  Web  Site  Development  in  Education:  Best  Practices  for 
Alberta  School  Jurisdictions  (1999). 

Managing  Technology  Funding:  Best  Practices  for  Alberta  School  Jurisdictions  (1999). 

On- Line  Learning:  Best  Practices  for  Alberta  School  Jurisdictions  (1 999). 

Preparing  to  Implement  Learner  Outcomes  in  Technology:  Best  Practices  for  Alberta 
School  Jurisdictions  (1 999). 

Professional  Development  for  Teaching  Technology  Across  the  Curriculum:  Best 
Practices  for  Alberta  School  Jurisdictions  (1999). 

Technical  Support  Planning:  Best  Practices  for  Alberta  School  Jurisdictions  (1 999). 

Technology  Implementation  Review,  Grande  Yellowhead  Regional  Division  No.  24  and 
Wolf  Creek  Regional  Division  No.  32:  Best  Practices  and  Key  Learnings  with  Respect  to 
Technology,  Its  Implementation  and  Management  in  Education  (1 997). 
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